If convicted, Adejorin faces a maximum sentence of 20 years in prison for each of five counts of wire fraud; a maximum of five years in prison for unauthorised access to a protected computer; and a mandatory sentence of two years in federal prison, consecutive to any other sentence imposed, for each of the two counts of aggravated identity theft.
Nigerian Arrested In Ghana Over Alleged $7.5m BEC Fraud
A Nigerian man, Olusegun Samson Adejorin, has been arrested and charged with wire fraud, aggravated identity theft, and unauthorised access to a protected computer related to a $7.5 million scheme.
Leadership Newspaper reports that Adejorin allegedly defrauded two charitable organisations by impersonating employees and gaining access to the employees’ email accounts.
According to a statement issued by the United States Attorney’s Office for the District of Maryland, Adejorin faces an eight-count federal grand jury indictment.
“According to the eight-count indictment, between June and August 2020, Adejorin perpetrated a scheme to defraud Victim 1, a charitable organisation located in North Bethesda, Maryland and Victim 2, a charitable organisation located in New York, New York by gaining access to employee email accounts and impersonating employees to induce financial transactions.
“The indictment alleges that Adejorin posed as an employee of Victim 2 to request withdrawals of Victim 2’s funds from Victim 1, a charitable organisation that provided investment services to Victim 2. Withdrawals over $10,000 required approval from at least one of several individuals authorised by Victim 1. According to the indictment, Adejorin fraudulently obtained the credentials of employees at Victim 1 and Victim 2 and posed as those employees to send emails from their accounts, including emails making fraudulent requests for the withdrawal of investment funds.
“As part of the scheme, Adejorin also allegedly purchased a credential harvesting tool designed to steal email login credentials, registered spoofed domain names, and concealed the fraudulent emails from a legitimate employee by causing the fraudulent emails to be moved to an inconspicuous location within Employee 1’s mailbox,” the statement reads.