Alleged Business Email Compromise Fraudsters ExtraditedSchemers Spoofed Construction Companies to Bilk Universities
Three Nigerian nationals accused of participating in multimillion-dollar business email compromise fraud with a fixation on universities arrived in the United States after extradition from the United Kingdom.
See Also: Email Reporting and Remediation
The men faces charges in federal courts in North Carolina, Texas and Virginia for offenses that include conspiracy to commit wire fraud and money laundering conspiracy. They allegedly attempted to steal more than $5 million.
All three were arrested on April 23, 2020, by British authorities at the request of the United States and ordered extradited on Sept. 3, 2021. Their appeal to the U.K. High Court failed on July 12.
Total losses tied to business email compromise theft domestically and internationally totaled $43.3 billion from June 2016 through December 2021, according to the most recent FBI Internet Crime Complaint Center annual report. The FBI warned earlier this year that business email compromise scams are on the rise, with real and actual losses increasing by 65% in the 14-month period ending last December. In part, it attributed the increase to the novel coronavirus pandemic and its knock-on effect of shifting more work online.
Court documents show the alleged fraudsters used spoofing techniques to convince victims to make payments into bank accounts purportedly controlled by legitimate contractors.
Oludayo Kolawole John Adeagbo, 43, a Nigerian citizen, and Donald Ikenna Echeazu, 40, a dual U.K. and Nigerian citizen, allegedly bilked Appalachian State University out of nearly $2 million by appearing to be employees of a construction company hired to build a new health sciences building.
The conspirators sent emails coming from
rogersbuildersinc.com, which was not the domain used by the legitimate contractor,
Adeagbo also allegedly used domain spoofing to commit business email compromise in Texas.
Prosecutors say victims include local government entities, construction companies and a Houston-area college.
A third man, Olabanji Egbinola, 42, faces charges of conspiracy to commit wire fraud and money laundering for allegedly also posing as an employee of a construction company doing work for an unnamed university in Virginia. He sent emails from
kjellstromleegroup.com, which is not the legitimate domain of the Richmond-based firm Kjellstom & Lee. Its domain is
khellstromandlee.com. He allegedly defrauded the university of $469,819.49.
Prosecutors say Egbinola took steps to hide his identity, including by paying for domain hosting using Bitcoin and using a virtual private network to obscure his real IP address. FBI agents were able to identify his real IP address by sending him an email containing what the agency dubs a "network investigative technique," which is malware that sends agents details about computer users. Once the FBI had Egbinola's real IP address, British law enforcement agents were able to identify him.