Experts proffer solutions to growing notoriety of Nigerian fraudsters overseas

For most deposit account holders, IT expert Desmond Okeowo confirmed a nascent fear in just six words: “Cyber fraud has come to stay.”

The CEO, Enviroque Technologies Ltd, who spoke to Sunday PUNCH in an interview, explained that the thirst for cyber fraud could embolden intelligent people to beat the existing system of computers and divert money belonging to other people.

The Federal Bureau of Investigation website says “Nigerian letter or ‘419’ fraud” combines the threat of impersonation fraud with a variation of an advance fee scheme where a letter mailed or emailed from Nigeria offers the recipient the “opportunity” to share in a percentage of millions of dollars that the author—a self-proclaimed government official—is trying to transfer illegally out of Nigeria.

It adds, “The recipient is encouraged to send information to the author, such as blank letterhead stationery, bank name and account numbers, and other identifying information using a fax number given in the letter or return email address provided in the message.

“The scheme relies on convincing a willing victim, who has demonstrated a ‘propensity for larceny’ by responding to the invitation, to send money to the author of the letter in Nigeria in several instalments of increasing amounts for a variety of reasons.”

But as recent cases have shown, these 419 scams evolve with technology.

On May 14, as he prepared to fly first class to Nigeria, the now suspended senior special assistant to the Ogun State governor, 42-year-old Abidemi Rufai, was arrested at the John F. Kennedy International Airport in New York, United States, for allegedly stealing over $350,000 in unemployment benefits from the Washington State Employment Security Department.

The US Department of Justice said Rufai, who has since been indicted for conspiracy, wire fraud and aggravated identity theft, used the stolen identities of more than 100 Washington residents to file fraudulent claims with the ESD for pandemic-related unemployment benefits.

The case is under investigation by the FBI, the US Secret Service, and the US Postal Inspection Service, among others.

The Co-founder/Chief Operating Officer, Digital Encode Ltd, Dr Adewale Obadare, noted that Rufai’s scam was not sophisticated but a mere exploitation of the inherent vulnerabilities of the protocol governing the operation of the Internet—Transmission Control Protocol/Internet Protocol.

According to Obadare, such instances are the reason cybersecurity professionals build a layer of security on the TCP/IP.

He added, “There is a vulnerability with Gmail. For instance, if my email address is [email protected], I can also do [email protected], and write it in different ways. That was what he (Rufai) did to be able to claim those unemployment funds. So, it’s an issue of duplicating identities, but it was possible because of that fundamental flaw that has to do with the TCP/IP.

“Unfortunately for him, the US Government noticed him because when they saw those transactions coming in, the FBI got a subpoena to tell Google to open his email and they discovered that it was the same guy using several email addresses to claim unemployment funds. That is where Nigeria has to get to.

“Also, the Nigerian number he used was linked to those (email) addresses and he used the (home) address of his brother who lives in New York as the delivery address. Another factor is that everything in the US is automated, unlike in Nigeria where there is still a bit of manual TCP. But then, sometimes, people that understand that system can exploit it just like in this case.”

The chartered IT professional added that there must be a means of validation, advising bank account holders to “always make sure you validate any transaction before you process it.”

Perhaps the highest profile 419 arrest called to mind is that of Instagram celebrity, 38-year-old Ramon Abbas aka Hushpuppi, whose Palazzo Versace apartment was raided in June 2020 by security agents in Dubai, United Arab Emirates before he was extradited to the US.

The US justice department cited an affidavit, which alleged that Abbas conspired to launder funds stolen in a $14.7m cyber-heist from a foreign financial institution in February 2019, in which the stolen money was sent to bank accounts around the world.

He and others were also accused of conspiring to launder “hundreds of millions of dollars from other fraudulent schemes and computer intrusions, including one scheme to steal £100m (approximately $124m) from an English Premier League soccer club.”

Abbas faces 20 years’ imprisonment for his alleged crimes.

In the same vein, Obinwanne Okeke aka Invictus Obi, 33, was sentenced on February 16, 2021 to 10 years in a US prison for his involvement in a multi-year global business email and computer hacking scheme that caused approximately $11m in known losses to his victims.

According to court documents, Okeke operated a group of companies known as the Invictus Group based in Nigeria and elsewhere. From approximately 2015 to 2019, Okeke and others engaged in a conspiracy to conduct various computer-based frauds by obtaining and compiling the credentials of hundreds of victims.

Checks by Sunday PUNCH showed that, while over 100 unidentified Nigerians around the world have been arrested since 2016 for their involvement in cyber fraud cases, at least 31 identified Nigerians were arrested in the US, Thailand, Ireland, India, the Philippines and Malta in the five-year period.

The CEO, Aviva Digital Ltd, Mr Michael Oseji, attributed the rise in fraud-related cybercrimes among Nigerians abroad to greed and the nation’s economic challenges in Nigeria, describing Rufai’s case as driven by greed.

He said, “For a person like him, I expect that he would have known that there is no room for ghostlike activity because you leave a footprint online, no matter what you do. The moment you open a Facebook, Instagram, LinkedIn, Gmail or Yahoo mail account, you leave a footprint.

“In everything you do online, you leave a footprint and now we are doing cloud storage. The governor’s aide was traced via his cloud storage, which makes it easier for them (US) to track and trace you wherever you are. Even when you transfer the money back to Nigeria, they know where the money is and how you spent it.”

Okeowo, who described the attraction to cyber fraud as innate, called on financial institutions to beef up their security and find ways to safeguard depositors’ money.

  Copyright PUNCH.

All rights reserved. This material, and other digital content on this website, may not be reproduced, published, broadcast, rewritten or redistributed in whole or in part without prior express written permission from PUNCH.

Contact: [email protected]


Leave a Reply

This website uses cookies. By continuing to use this site, you accept our use of cookies.  Learn more