Nigerian National Arrested Charged in $7.5 Million Email Scam

 In a recent development, a Nigerian national, Olusegun Samson Adejorin, has been apprehended in Ghana and is now facing charges in the United States for his involvement in a business email compromise (BEC) scheme targeting two charitable organizations.

The indictment reveals that between June and August 2020, Adejorin focused on two charities situated in North Bethesda, Maryland, and New York, New York. Allegedly, he gained access to the credentials of employees from both organizations, infiltrated their email accounts, and assumed the identity of employees from one charity to request fund withdrawals from the other.

According to the charges, Adejorin initiated fraudulent requests totaling over $7.5 million to be transferred to bank accounts under his control. Additionally, he is accused of purchasing a credential harvesting tool to steal employee credentials, creating domains mimicking legitimate websites, and concealing fraudulent emails by relocating them to inconspicuous locations in employees' mailboxes.

Arrested in Ghana on December 29, 2023, Adejorin faces five counts of wire fraud, one count of unauthorized access to a protected computer, and two counts of aggravated identity theft. He awaits his initial court appearance in Ghana.

This incident underscores the prevalence of BEC fraud, a type of cybercrime where attackers use deceptive emails to manipulate employees responsible for financial transactions within an organization. Chris Lehman, CEO of SafeGuard Cyber, highlights a concerning trend: a shift from email-based fraud to alternative communication channels like SMS, WhatsApp, Signal, and various workplace messaging apps. This evolution emphasizes the need for organizations to bolster security defenses across all communication platforms. Stay vigilant in 2024!