Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

A Nigerian national was arrested in Ghana and is facing charges related to business email compromise ( BEC ) attacks that caused a charitable organization

A Nigerian national was arrested in Ghana and is facing charges related to business email compromise (BEC) attacks that caused a charitable organization in the United States to lose more than $7.5 million.
Olusegun Samson Adejorin was arrested on December 29 for defrauding two charitable organizations in Maryland and New York, according to an eight-count federal grand jury indictment in the U.S.
Specifically, Adejorin faces charges for wire fraud, aggravated identity theft, and unauthorized access to a protected computer linked to attacks aimed at two Maryland-based charitable organizations, culminating in the embezzlement of $7.5 million.
Stealing millions
In an annoucement this week, the U.S. Department of Justice (DoJ) says that Adejorins fraud scheme occurred between June and August 2020 and involved unauthorized access to email accounts as well as impersonating employees..
Posing as an employee of one charity (Victim 2), Adejorin requested large withdrawals of funds from the other charity (Victim 1), which provided investment services to Victim 2.
To successfully process withdrawals over $10,000, Adejorin used stolen credentials to send emails from accounts of employees that needed to approve the transactions.
As part of the scheme, Adejorin also allegedly purchased a credential harvesting tool designed to steal email login credentials, registered spoofed domain names, and concealed the fraudulent emails from a legitimate employee by causing the fraudulent emails to be moved to an inconspicuous location within Employee 1s mailbox.- U.S. Department of Justice
Following these actions, Adejorin successfully tricked Victim 1 into transferring $7.5 million to bank accounts the attacker controlled, while the organization believed they were depositing the amounts into legitimate Victim 2 bank accounts.
Adejorin faces a maximum penalty of 20 years for wire fraud, five years for unauthorized access to a protected computer, and a mandatory sentence of two years for aggravated identity theft.
The U.S. DoJ announcement also notes that the sentence may be extended by seven years for malicious registration and use of a domain name.
BEC attacks, also known as CEO fraud, can result in significant financial damage. Last summer, a report from the FBI noted that business email compromise had caused billions of U.S. Dollars in losses.
Some reasonable defense measures to consider include implementing multi-factor authentication to reduce the likelihood of unauthorized account access, using email filtering to detect and block phishing attempts, and establishing a verification procedure that underpins wire transfer requests and involves using a secondary communication channel.
When met with suspicious requests such as changing bank account details, simply calling the partner on a pre-determined number to confirm the action can help save millions.

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Focus On Geodatabases In ArcGIS Pro

Authors: David W. Allen

1st Edition

1589484452, 978-1589484450

More Books

Students also viewed these Databases questions

Question

assess the infl uence of national culture on the workplace

Answered: 1 week ago