Interpol nabs malware 'mastermind' implicated in Nigerian email scams

Interpol says the Nigerian, identified only as Mike, scammed $60 million from companies around the world. 

Marcio Jose Sanchez/AP
A global map tracks computer virus activity at the McAfee headquarters in Santa Clara, Calif., July 2013. A Nigerian man accused of scamming $60 million from companies around the world was arrested recently, Interpol announced Monday.

A Nigerian accused of scamming $60 million from companies around the world through fraudulent emails has been arrested after months of investigation, Interpol and Nigeria's anti-fraud agency said Monday.

One target paid out $15.4 million, according to a statement from Interpol.

The ringleader of a global scamming network, identified only as a 40-year-old known as Mike, was arrested along with a 38-year-old accomplice in Nigeria's oil capital, Port Harcourt, in June, said the statement. He is on administrative bail, which implies that officers do not yet have enough evidence to charge him in court. He faces charges including hacking, conspiracy and obtaining money under false pretenses, said the statement. 

The man is accused of leading a criminal network that compromised email accounts of small and medium-sized businesses around the world including in the United States, Australia, Canada, India, Malaysia, Romania, South Africa and Thailand. The statement didn't name any of the targets.

The network involved about 40 people in Nigeria, Malaysia and South Africa who provided malware and carried out the frauds, with money-laundering contacts in China, Europe and the United States providing bank account details.

A supplier's email would be compromised and fake messages sent to a buyer with instructions for payment to a bank account under the network's control, the statement said. Or the email account of a high-level executive would be taken over and a request for a wire transfer sent to an employee responsible for handling such requests.

Such crime "poses a significant and growing threat, with tens of thousands of companies victimized in recent years," Noboru Nakatani, executive director of the Interpol Global Complex for Innovation, said in a statement. "The public, and especially businesses, need to be alert to this type of cyber-enabled fraud."

“Basic security protocols such as two-factor authentication and verification by other means before making a money transfer are essential to reduce the risk of falling victim to these scams," said Mr. Nakatani. 

Nigeria is notorious for internet fraud. The U.S. Embassy says it receives inquiries every day from Americans who have been defrauded.

The Nigerian (419) Scam is a particularly common type of online fraud, according to an article Ned Smith contributed to TechNewsDaily in 2010:

This one, which plays on greed, is one of the oldest digital rip-offs on the books. You get an email from a wealthy Nigerian (fill in the appropriate country, this one travels well) who needs help in transferring millions of dollars from his homeland. If you are able to assist in the process, the email continues, you’ll receive a sizable cut of the fortune as a reward.

If you take the bait, you will be asked to put up some of your own money to smooth the transfer. It’ll be the last time you see that money or the scammers; there is no fortune that needs to be transferred other than yours. The number “419” refers to the article of the Nigerian Criminal Code that deals with fraud. Any email from strangers that promises riches in exchange your help (read: money) and trust should be avoided. According to scambusters.org, the Nigerian Scam and its cousins still bilk people for between $100 million and $200 million each year.

" 'Mike’ first came onto the law enforcement radar through a report provided to Interpol by Trend Micro, one of its strategic partners," said the statement. 

“For a long time we have said in order to be effective, the fight against cybercrime must rely on public-private partnerships and international cooperation,” said Abdul Chukkol, head of the cybercrime section of the Nigerian Economic and Financial Crime Commission, in the statement. 

Mr. Chukkol said the transnational nature of business e-mail compromise makes it complex to crack, but the arrest sent a clear signal that Nigeria could not be considered a safe haven for criminals.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.