Two Nigerian nationals, Ebuka Raphael Umeti and Franklin Ifeanyichukwu Okwonna, have recently been sentenced to prison in the United States for their involvement in a sophisticated business email compromise (BEC) fraud operation. On August 27, 2024, Umeti, aged 35, was sentenced to 10 years in federal prison, while Okwonna, 34, received a sentence of five years and three months on September 3, 2024. Both defendants were also ordered to pay restitution totaling approximately $5 million to the victim organizations impacted by their fraudulent activities.
The BEC scheme executed by Umeti, Okwonna, and their accomplices spanned from February 2016 to July 2021. The fraudsters utilized phishing emails designed to appear as though they came from trusted and legitimate sources. These emails often contained malicious attachments intended to install malware on the recipients’ systems. Once the malware was deployed, it allowed the attackers to gain unauthorized access to sensitive information and email accounts, enabling them to manipulate and deceive employees at various organizations.
Using the stolen information, Umeti, Okwonna, and their co-conspirators orchestrated wire transfer schemes that resulted in substantial financial losses. The court documents revealed that their fraudulent activities caused or attempted to cause over $5 million in damages to companies both in the U.S. and internationally. The scale and sophistication of the scheme illustrate the significant impact of such cybercriminal operations on businesses and their financial stability.
Umeti was convicted in June 2024 of multiple charges, including wire fraud conspiracy, wire fraud, conspiracy to damage a protected computer, and damage to a protected computer. Okwonna, who pleaded guilty in May 2024, faced charges of wire fraud conspiracy and aggravated identity theft. This case highlights the increasing prevalence and severity of BEC scams, underscoring the need for vigilance and robust cybersecurity measures to combat such threats. The sentencing serves as a stern reminder of the severe legal repercussions that accompany involvement in large-scale financial fraud and cybercrime.
Reference:
