Multimillion-Dollar Business Email Fraud Gang Arrested

Uploaded on 2022-04-05 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

International law enforcement has disrupted a massive business email compromise gang thought to have targeted hundreds of victim organisations over the past few years. 

The FBI has announced that 65 people were arrested as part of an international law enforcement crackdown on Business Email Compromise (BEC) attackers, which started in September 2021 and lasted three months.  

The US Department of Justice along with international law enforcement partners carried out Operation Eagle Sweep, a name referring to the takedown of the hacking gang, over a three-month period. 

Starting in September 2021, the operation has resulted in the arrests of 65 suspects, including twelve in Nigeria, eight in South Africa, two Toronto residents in Canada and one in Cambodia. Toronto Police Services arrested the duo, who are accused of having tried to divert more than US$16 million from victims across the United States and Canada in cheque fraud and BEC scams.

Operation Eagle Sweep targeted BEC scammers law enforcement believed to be responsible for targeting roughly 500 US victims and causing losses totalling $51 million. 

Among those arrested were Oluwasegun Baiyewu of Houston, Texas, and Leo Omorogieva Eghaghe of Lagos, Nigeria, who are thought to have been involved in an attack on a Puerto Rico-based renewable energy supplier and a $4.5m BEC money laundering conspiracy. 

The operation comes after a number of previous law enforcement tried to curb this type of activity through arrests, including one in 2018 that led to the arrest of 74 suspects worldwide and one in 2019 that resulted in 281 arrests.
Despite BEC being a prevalent type of attack, it continues to cost firms millions with the recently released Internet Crime Complaint Center (IC3) showing that BEC (and email account compromise) victims reported nearly $2.4 billion in losses in 2021. Operation Eagle Sweep follows Operation Wire Wire in 2018 and Operation reWired in 2019, which resulted in the arrests of more than 300 individuals for their suspected involvement in BEC schemes.

The real challenge in defending against this form of attack is that it is difficult to detect. BEC is typically carried out when legitimate business email accounts are compromised through social engineering techniques and used to conduct unauthorised transfers of funds.

ABC13:     Oodaloop:   Infosecurity Magazine:   DUO.com:   Security Week:   ITWorld Canada:     Dark Reading

You Might Also Read: 

Every Employee Should Be Considered A Target:
 

« Cyber Security Lessons From The Ukraine War
Heriot Watt University Knocked Offline For A Week »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The Networking People (TNP)

The Networking People (TNP)

TNP supplies independent advice allowing large organisations to design, build and operate their own networks independently of the established telecoms companies.

APMG International (APM Group)

APMG International (APM Group)

APM Group is a global accreditation, certification and examination body specializing in certification schemes for individuals, organizations and software.

Magic Software Enterprises

Magic Software Enterprises

Magic provide Mobile Device Management (MDM) for Secure Enterprise Mobility. Magic MDM overcomes the challenges of mobile device management security by protecting all of your devices, data and content

Silicom Denmark

Silicom Denmark

Silicom Denmark is a premier developer and supplier of FPGA-based interface cards for cyber-security, telecommss, financial trading and other sectors.

Hedgehog Security

Hedgehog Security

The key objective of Hedgehog is to provide simple, effective and affordable information security improvements that support your drive to increase productivity and profitability.

TrustInSoft

TrustInSoft

TrustInSoft develops solutions that validate mission-critical software and eliminate attack vectors.

Future of Cyber Security Europe

Future of Cyber Security Europe

Future of Cyber Security Europe is a European wide event examining the latest cyber security strategies and technologies.

Recovery Point Systems

Recovery Point Systems

Recovery Point is a leading national provider of IT secure and compliant infrastructure and business resilience services.

Cyber Security Academy (CSA)

Cyber Security Academy (CSA)

The CSA aims to educate professionals who wish to contribute to strengthening the digital defensibility of states, organisations and individual citizens.

RhodeCode

RhodeCode

RhodeCode is an open source repository management platform. It provides unified security and team collaboration across Git, Subversion, and Mercurial.

Lightspin

Lightspin

Lightspin is a contextual cloud security platform that continuously visualizes, detects, prioritized, and prevents any threat to your cloud stack.

3Lines Venture Capital

3Lines Venture Capital

3Lines Venture Capital invests in exceptional founders and startups working on broad disruptive themes of Future of Work, AI enabled enterprises, and Industry 4.0.

Motorola Solutions

Motorola Solutions

Motorola Solutions build mission-critical services, software, video and analytics, backed by secure, resilient land mobile radio communications.

Atlas Cloud

Atlas Cloud

Atlas Cloud is a UK-wide provider of managed services based in Newcastle. Our ‘research-led’ approach to IT services helps leaders make better decisions about IT for their businesses.

Red Helix

Red Helix

Red Helix (formerly Phoenix Datacom) is a market leader in network performance and cyber security.

Falconfeeds

Falconfeeds

Falconfeeds empowers businesses and security professionals with immediate access to the latest and historical threat intelligence data.