Through collaboration with Trend Micro researchers, INTERPOL and Nigeria’s Economic and Financial Crime Commission (EFCC), recently struck a blow against Business Email Compromise (BEC) scams when they arrested a 40-year-old Nigerian national named “Mike”, who was the mastermind behind multiple BEC, 419, and romance scams.
“Mike” and his network of cybercriminals from Nigeria, Malaysia, and South Africa is believed to have conned more than US$60 million from various companies, with one victim alone losing more than US$15 million.
Trend Micro Investigation on Cybercriminals Behind BEC
Our investigation on “Mike” (who also used the aliases Chinaka Onyeali and Beasley Martyn) started in late 2014 when we were looking at Predator Pain and Limitless – malware known to be used in BEC scams. Analyzing the command-and-control (C&C) infrastructure used by the malware allowed us to track “Mike down”. All information gathered on mike was then given to INTERPOL in late 2014. This, combined with information from other researchers, led to his arrest in June of 2016.
BEC scams have proven to be very effective, with criminals stealing large amounts of money from various businesses. From 2013 to 2015, BEC-related damages were estimated at US$ 2.3 billion, eventually leading to more than $3 billion in 2016. Targeting employees dealing with company funds (accounting, administrative, and financial staff) and impersonating C-level executives has proven to be a very successful tactic, with multiple companies falling victim to this kind of scam. We’ve previously talked about these in our report titled Billion-Dollar Scams: The Numbers Behind Business Email Compromise.
Since 2014, Trend Micro has worked in close partnership with INTERPOL via the Global Complex for Innovation (IGCI), located in Singapore. These efforts result in the arrest of cybercriminals, even if they believe that they are in countries where they are beyond the reach of the law. We will continue our work with INTERPOL to bring other cybercriminals to justice.