A Nigerian national entered into the custody of the FBI to face charges of having targeted several U.S. companies with business email compromise (BEC) scams.
On July 3, the U.S. Attorney's Office for the Northern District of Illinois announced that the United Arab Emirates had expelled Olalekan Jacob Ponle (a/k/a “Mr. Woodbery” and “Mark Kain”), 29, originally of Lagos, after having arrested the Nigerian national a month earlier. Poole subsequently entered into the custody of the FBI, through whom he was extradited to Chicago in order to face a charge of conspiracy to commit wire fraud. According to the Department of Justice (DOJ), Poole is alleged to have compromised the email accounts of several companies based in the United States during the first nine months of 2019. He leveraged his unauthorized access to target employees at those organizations with BEC scam emails. As quoted in the DOJ's press release:
The emails were nearly identical to prior legitimate emails sent over the company’s email account, but the fraudulent emails instructed victims to wire funds to a bank account that was set up by money mules at the direction of Ponle, the complaint states. Ponle then instructed the mules to convert the fraud proceeds to Bitcoin and send them to a virtual wallet that Ponle owned and operated....
BEC scams have been on the FBI's radar for some time now. This reality became evident in September 2019 when the law enforcement body announced that BEC ruses had caused more than $26 billion in damages between June 2016 and July 2019. Those damages were the products of over 150,000 incidents that preyed upon individuals spread across all 50 states and 177 countries. As of this writing, the U.S. District Court of Chicago had scheduled a detention hearing for Ponle on July 9. The activities of Ponle and attackers like him highlight the need for organizations to detect a BEC scam campaign. They can leverage these recommendations to do so.