VOL. 133 | NO. 129 | Thursday, June 28, 2018
A Memphis-based real estate company had its servers and email systems hacked two years ago by what federal prosecutors in Memphis describe as a “widespread Africa-based cyber conspiracy.”
A dozen suspects were indicated by a federal grand jury in Memphis in August 2017 on conspiracy to commit wire fraud, money laundering, computer fraud and identity fraud.
The Memphis charges announced Monday, June 25, are part of an international effort – called Operation Keyboard Warrior – to combat business email compromises, known as BECs.
It is the second BEC investigation announced by federal prosecutors in Memphis in two weeks.
“>
A Memphis federal grand jury has indicted a dozen people on a cybercrime charge for infiltrating the email system of a Memphis-based realty firm and channeling money from a real estate transaction to their personal bank accounts in other countries. (Daily News File/Andrew J. Breig)
The real estate company based in Memphis is identified only as “Company A” in the indictment of Rashid Abdulai of Ghana, one of the five suspects arrested in the U.S. who was charged in a separate indictment in April. From The Bronx, New York, Abdulai is accused of controlling five Name Search
Watch Service“>TD Bank accounts used in the conspiracy.
Company A’s email servers are maintained in Memphis and the firm has 115 offices with more than 3,000 licensed sales associates over a nine-state area.
Prosecutors allege the compromise would begin with an email message that appeared to be legitimate.
“The bogus email usually contains either an attachment or a link to a malicious website,” the indictment reads. “Clicking on either will release a virus, worm, spyware or other program applications, also known as malware, that subsequently infects the employee’s email account and/or computer.”
From there it can spread through a company’s entire computer network and be used to harvest information including access to the company’s most sensitive information. Using spoofed emails, those behind a BEC can send what seem to be legitimate emails that change transfer or wiring instructions for financial transactions.
In the case of Company A, prosecutors allege Abdulai and other co-conspirators in June 2016 spoofed an agent’s account and misdirected funds from real estate transactions to elsewhere. The specific transaction was a closing worth $33,495 in which the money was wired to Ghana.
It was one of a series of intrusions that June and July with Ghana, Nigeria and South Africa being the destination of the money, prosecutors say.
By December 2016 Abdulai, communicating on WhatsApp, an encrypted electronic communications platform, allegedly told a co-conspirator “FBI came to my house asking me stuff about those transactions that was coming into my account,” according to the indictment.
The investigation was led by the FBI and included Interpol.
Investigators estimate the BEC netted $15 million overall since at least 2012.
The group of people indicted also used romance scams and emails seeking money in advance in order to get a larger amount of money or gold.
“Frauds perpetrated through the Internet cause significant financial harm to businesses and individuals in our district and throughout the United States,” said U.S. Attorney Name Search
Watch Service“>Michael Dunavant of the Western District of Tennessee in a written statement. “Because those committing Internet fraud hide behind technology, the cases are difficult – but not impossible – to investigate.”
Four others in federal custody for the Memphis case are Name Search
Watch Service“>Javier Luis Ramos Alonso, a Mexican national living in Seaside, California; Name Search
Watch Service“>James Dean of Plainfield, Indiana; Name Search
Watch Service“>Dana Brady of Auburn, Washington and Olufolajimi Abegunde, a Nigerian national of Atlanta.
Also arrested and awaiting extradition from Africa to Memphis are Maxwell Atugba Abayeta and Babatunde Martins, both of Ghana, and Benard Emurhowhoariogho Okorhi, a Nigerian national living in Ghana.
Also charged in the indictment but not yet arrested are Sumaila Hardi Wumpini, Dennis Miah, Ayodeji Ohumide Ojo and Name Search
Watch Service“>Victor Daniel Fortune Okorfu.
A trial date in October has been set for the case.
Two weeks earlier the U.S. Attorney’s office in Memphis announced its part in another BEC case in which 74 people were charged in a six-month investigation capped with arrests in the U.S., Nigeria, Poland and Mauritius. In that case, the Justice Department seized $2.4 million in cash and recovered $14 million in fraudulent wire transfers.