Answered step by step
Verified Expert Solution
Question
1 Approved Answer
A Nigerian national was arrested in Ghana and is facing charges related to business email compromise ( BEC ) attacks that caused a charitable organization
A Nigerian national was arrested in Ghana and is facing charges related to business email compromise BEC attacks that caused a charitable organization in the United States to lose more than $ million.
Olusegun Samson Adejorin was arrested on December for defrauding two charitable organizations in Maryland and New York, according to an eightcount federal grand jury indictment in the US
Specifically, Adejorin faces charges for wire fraud, aggravated identity theft, and unauthorized access to a protected computer linked to attacks aimed at two Marylandbased charitable organizations, culminating in the embezzlement of $ million.
Stealing millions
In an annoucement this week, the US Department of Justice DoJ says that Adejorins fraud scheme occurred between June and August and involved unauthorized access to email accounts as well as impersonating employees..
Posing as an employee of one charity Victim Adejorin requested large withdrawals of funds from the other charity Victim which provided investment services to Victim
To successfully process withdrawals over $ Adejorin used stolen credentials to send emails from accounts of employees that needed to approve the transactions.
As part of the scheme, Adejorin also allegedly purchased a credential harvesting tool designed to steal email login credentials, registered spoofed domain names, and concealed the fraudulent emails from a legitimate employee by causing the fraudulent emails to be moved to an inconspicuous location within Employee s mailbox. US Department of Justice
Following these actions, Adejorin successfully tricked Victim into transferring $ million to bank accounts the attacker controlled, while the organization believed they were depositing the amounts into legitimate Victim bank accounts.
Adejorin faces a maximum penalty of years for wire fraud, five years for unauthorized access to a protected computer, and a mandatory sentence of two years for aggravated identity theft.
The US DoJ announcement also notes that the sentence may be extended by seven years for malicious registration and use of a domain name.
BEC attacks, also known as CEO fraud, can result in significant financial damage. Last summer, a report from the FBI noted that business email compromise had caused billions of US Dollars in losses.
Some reasonable defense measures to consider include implementing multifactor authentication to reduce the likelihood of unauthorized account access, using email filtering to detect and block phishing attempts, and establishing a verification procedure that underpins wire transfer requests and involves using a secondary communication channel.
When met with suspicious requests such as changing bank account details, simply calling the partner on a predetermined number to confirm the action can help save millions.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started