Police in Nigeria have arrested the suspected mastermind of a web of cybercrime scams thought to have cost victims worldwide more than $60m.
The main two types of scam allegedly run by the 40-year-old suspect were payment diversion fraud – where a supplier’s email would be compromised to send fake messages to buyers asking them to send payments to a bank account under the criminal’s control – and "CEO fraud". In CEO fraud, the email account of a high-level executive is hijacked in order to send a bogus request to a firm’s accounts department instructing a wire transfer to a bank account controlled by criminals.
Neither of these frauds involved advanced fee fraud (AKA 419 scams), a form of cybercrime for which Nigeria is internationally infamous. 419 scams start with spammed messages that seek to convince the gullible that they can land a fat fee for helping to extricate frozen funds, an inheritance or in some cases supposed lottery winnings. In reality the money is non-existent and only used as a lure to persuade victims in handing over an escalating series of fees supposedly needed to extricate the funds.
The network compromised email accounts of largely small to medium businesses used to further these scams ran across the world and included businesses in Australia, Canada, India, Malaysia, Romania, South Africa, Thailand and the US. Firms doing business with the crooks unwittingly hosted compromised accounts, being targeted by scams that in one case conned a particularly unfortunate mark into handing over $15.4m.
"Mike" is alleged to have served as the kingpin of a series of scams run by a network of at least 40 individuals across Nigeria, Malaysia and South Africa. The alleged mastermind also had money laundering contacts in China, Europe and the US, who supplied bank accounts through which criminally derived funds were channelled. Malware as well as phishing underlined these various scams.
Following "Mike’s" arrest in Port Harcourt in southern Nigeria, a “forensic examination of devices seized by the EFCC showed he had been involved in a range of criminal activities including business email compromise and romance scams”, according to a statement by INTERPOL. Research by Trend Micro and later Fortinet provided intelligence that allowed police to locate and arrest the suspect in June.
Details of the case were only made public today through an INTERPOL statement that praised international co-operation in putting together the case. The statement goes on to suggest that Nigeria may no longer be a safe haven for cybercriminals - a big shout on the basis of one case that’s still in the process of being investigated and is nowhere near any conclusion.
The 40-year-old, along with a 38-year-old also arrested by Nigerian authorities, faces charges including hacking, conspiracy and obtaining money under false pretences. Both are currently on bail pending the outcome of a police investigation.