Nigerian man sentenced 10 years for $11 million phishing scam

The sentence comes as the cost of email scams continues to plague U.S. businesses.
email implant, phishing, spearphishing
(Getty Images)

A Nigerian national, Obinwanne Okeke, has been sentenced to 10 years in prison for allegedly coordinating an international spearphishing campaign that has cost victims approximately $11 million in losses.

The scheme, which lasted from 2015 to 2019, targeted Unatrac Holding Limited, a British firm that acted as the export sales office for Caterpillar, with fake invoices and wire transfer requests. The FBI opened an investigation into the alleged scam in 2018 after Unatrac raised alarm about an email compromise operation that had targeted the firm, according to court documents.

The scheme collected the credentials of hundreds of victims over the course of the operation, according to the FBI press release on the matter.

It’s the kind of business email compromise scam that plagues businesses around the world. There were $1.7 billion worth of losses caused by BEC scams in 2019 alone, the most recent year the FBI has published data on, according to the FBI’s Internet Crime Complaint Center.


Okeke and his alleged co-conspirators sent Unatrac’s chief financial officer a phishing email with a fake login link to the CFO’s Microsoft Office365 email account, where he then entered his credentials, according to an FBI affidavit.

After the scammers had access to the CFO’s account, they sent fraudulent wire transfer requests with attached invoices, logos and invoice templates they found in the CFO’s email account to Unatrac’s financial department.

They also controlled the email filters in the CFO’s account so he wouldn’t easily be able to see the emails sent or received while the scheme impersonated him.

After obtaining a search warrant, the FBI worked with Google to obtain information about an email account that the scammers sent information to — and uncovered it had been running other alleged scams, including computer intrusion, trafficking in stolen identities and passwords and conspiracies to obtain money through fraudulent wire transfers, according to the affidavit. The FBI also found records of stolen email account passwords and copies of passports and driver’s licenses that appeared to have been stolen.

Microsoft, which the attackers allegedly leveraged in this operation, is one of the top brands that scammers imitate when running credential-stealing operations using typo-squatting, according to research published last fall by Palo Alto Networks.

Shannon Vavra

Written by Shannon Vavra

Shannon Vavra covers the NSA, Cyber Command, espionage, and cyber-operations for CyberScoop. She previously worked at Axios as a news reporter, covering breaking political news, foreign policy, and cybersecurity. She has appeared on live national television and radio to discuss her reporting, including on MSNBC, Fox News, Fox Business, CBS, Al Jazeera, NPR, WTOP, as well as on podcasts including Motherboard’s CYBER and The CyberWire’s Caveat. Shannon hails from Chicago and received her bachelor’s degree from Tufts University.

Latest Podcasts