Multimillion-Dollar Business Email Fraud Gang Arrested

Uploaded on 2022-04-05 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

International law enforcement has disrupted a massive business email compromise gang thought to have targeted hundreds of victim organisations over the past few years. 

The FBI has announced that 65 people were arrested as part of an international law enforcement crackdown on Business Email Compromise (BEC) attackers, which started in September 2021 and lasted three months.  

The US Department of Justice along with international law enforcement partners carried out Operation Eagle Sweep, a name referring to the takedown of the hacking gang, over a three-month period. 

Starting in September 2021, the operation has resulted in the arrests of 65 suspects, including twelve in Nigeria, eight in South Africa, two Toronto residents in Canada and one in Cambodia. Toronto Police Services arrested the duo, who are accused of having tried to divert more than US$16 million from victims across the United States and Canada in cheque fraud and BEC scams.

Operation Eagle Sweep targeted BEC scammers law enforcement believed to be responsible for targeting roughly 500 US victims and causing losses totalling $51 million. 

Among those arrested were Oluwasegun Baiyewu of Houston, Texas, and Leo Omorogieva Eghaghe of Lagos, Nigeria, who are thought to have been involved in an attack on a Puerto Rico-based renewable energy supplier and a $4.5m BEC money laundering conspiracy. 

The operation comes after a number of previous law enforcement tried to curb this type of activity through arrests, including one in 2018 that led to the arrest of 74 suspects worldwide and one in 2019 that resulted in 281 arrests.
Despite BEC being a prevalent type of attack, it continues to cost firms millions with the recently released Internet Crime Complaint Center (IC3) showing that BEC (and email account compromise) victims reported nearly $2.4 billion in losses in 2021. Operation Eagle Sweep follows Operation Wire Wire in 2018 and Operation reWired in 2019, which resulted in the arrests of more than 300 individuals for their suspected involvement in BEC schemes.

The real challenge in defending against this form of attack is that it is difficult to detect. BEC is typically carried out when legitimate business email accounts are compromised through social engineering techniques and used to conduct unauthorised transfers of funds.

ABC13:     Oodaloop:   Infosecurity Magazine:   DUO.com:   Security Week:   ITWorld Canada:     Dark Reading

You Might Also Read: 

Every Employee Should Be Considered A Target:
 

« Cyber Security Lessons From The Ukraine War
Heriot Watt University Knocked Offline For A Week »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Rambus Security Division

Rambus Security Division

Rambus Security Division solutions span areas including tamper resistance, content protection, network security, mobile payment, smart ticketing, and trusted provisioning services.

Center for Cyber Safety and Education

Center for Cyber Safety and Education

The Center for Cyber Safety and Education works to ensure that people across the globe have a positive and safe experience online through our educational programs, scholarships, and research.

Silensec

Silensec

Silensec is a management consulting, technology services and training company specialized in information security.

Seculert

Seculert

The Seculert Attack Detection & Analytics Platform combines machine-learning based analytics and threat intelligence to automatically detect cyber attacks inside the network.

Verifi

Verifi

Verifi is an award-winning provider of end-to-end payment protection and risk management solutions.

AnChain.AI

AnChain.AI

AnChain.AI's analytics platform proactively protects crypto assets by providing proprietary artificial intelligence, knowledge graphs, and threat intelligence on blockchain transactions.

OpSec Security

OpSec Security

OpSec Online is the only brand protection solution that spans all channels so your brands are protected no matter what digital venue the criminals target.

Agile Underwriting

Agile Underwriting

Agile, an underwriting agency, insurtech and Coverholder at Lloyd's, provides niche insurance products across Aviation, Marine & Cargo, Cyber and Financial Lines.

AgileBlue (Agile1)

AgileBlue (Agile1)

AgileBlue (formerly Agile1) is a managed breach detection company with an Autonomous SOC-as-a-Service for 24×7 monitoring, detection and guided response.

riskmethods

riskmethods

riskmethods helps you proactively identify, assess and mitigate supply chain risk. You need to master supply chain risk management—we can help.

Magna5

Magna5

Magna5 is a managed IT service provider focusing in network and server monitoring, backup and disaster recovery, cybersecurity, help desk and SD-WAN.

Zerify

Zerify

Zerify offers the industry’s only video conferencing platform built with a zero-trust architecture to keep your meetings secure, private and business compliant.

Trackd

Trackd

At trackd, we’re re-imaging vulnerability remediation for the benefit of the entire cyber security community. Automating Vulnerability Remediation without the Fear of Disruption.

Advania UK

Advania UK

Advania are one of Microsoft’s leading partners in the UK, specialising in Azure, Security, Dynamics 365 and Microsoft 365.

Computer Futures

Computer Futures

Computer Futures are a global specialist IT recruitment partner, matching candidates with roles across niche IT markets and core technologies.

DOT Europe

DOT Europe

DOT Europe is a consensus based organisation which brings a diverse membership together to agree on their collective stance on EU tech policy.