In this case, Christian Akhatsegbe worked with others to defraud companies through fake invoices sent via stolen corporate credentials. Apparently the invoices looked real enough for one victim to pay nearly $1 million.
Other victims thought the invoices looked suspicious and did not pay.
In total, they sent almost $13 million in fake invoices and the victims paid just over $2 million.
Between approximately August 2019 through November 2020, Christian Akhatsegbe, together with his brother, Emmanuel Aiye Akhatsegbe, and others, engaged in spear phishing, credential harvesting, and business email compromise schemes, which involved sending phishing emails to employees of companies and agencies in the United States and the United Kingdom using stolen SendGrid email marketing accounts, stealing and harvesting the employee access credentials on computer servers, using the stolen credentials to access the victims’ computers, and then sending fraudulent invoices to victims requesting payment of funds to bank accounts in Hong Kong.
In November 2019, for example, an employee of a company in the United Kingdom received a phishing email, which resulted in their credentials being logged, stolen, and later stored on a computer server that was accessed and maintained by Christian Akhatsegbe and his conspirators. Using the stolen credentials, the conspirators sent an email to another employee of the company that appeared to originate from one of the company’s vendors. The email attached a fraudulent invoice in the amount of $434,383.45 with wiring instructions to a bank in Hong Kong. The victim company later paid the fraudulent invoice and wired the funds to Hong Kong.
Similarly, in December 2019, using credentials stolen from a Massachusetts victim company employee, Christian Akhatsegbe and his conspirators sent an email to another employee of the company that appeared to originate from one of the company’s vendors. The email attached a fraudulent invoice in the amount of $498,000 and requested that the victim send payment to a bank in Hong Kong. The victim paid the invoice, together with a second invoice in the same amount, wiring a total of $996,000 to a bank account in Hong Kong.
In January and April 2020, Christian Akhatsegbe and his conspirators perpetrated a similar scheme against two other United Kingdom-based companies, sending fraudulent invoices in the amount of $498,000 and $980,000, respectively. But these victim companies recognized the invoices as fraudulent and did not remit payment. In total, the conspirators sent victim companies fraudulent invoices in the amount of $12,861,290.59. Of this amount, victims paid invoices in the total amount of $2,268,329.69.
https://www.justice.gov/usao-ndga/pr/atlanta-man-sentenced-federal-prison-connection-multimillion-dollar-international
Further Reading:
- https://www.courtlistener.com/docket/67388315/united-states-v-akhatsegbe/
- https://www.databreaches.net/atlanta-man-sentenced-to-federal-prison-in-connection-with-a-multi-million-dollar-international-cyber-and-fraud-scheme/
- https://www.databreaches.net/atlanta-man-arraigned-on-federal-charges-in-connection-with-an-international-cyber-fraud-scheme/
- https://www.justice.gov/usao-ndga/pr/atlanta-man-arraigned-federal-charges-connection-international-cyber-fraud-scheme
- https://www.justice.gov/usao-ndga/pr/atlanta-man-sentenced-federal-prison-connection-multimillion-dollar-international
Leave a Reply