A Nigerian extradited to the US had pleaded guilty to his part in a multimillion-dollar business email compromise (BEC) conspiracy.
Kosi Goodness Simon-Ebo, 29, pleaded guilty late last week to conspiracy to commit wire fraud and conspiracy to commit money laundering.
From February to July 2017, he conspired with several others, including some living in Maryland, to illegally access victims’ email accounts and trick victims into wiring funds to bank accounts under their control using spoofed emails.
At the same time, Simon-Ebo and his co-conspirators laundered the stolen funds by transferring money received into these bank accounts to others, withdrawing cash, obtaining cashier’s checks and by writing checks to other entities and individuals, according to court documents.
They intended to steal close to $7m but actual losses were just over $1m, with Simon-Ebo having “direct control” over $45,925 of the funds, according to the Department of Justice (DoJ).
As part of the plea agreement, Simon-Ebo will be required to pay a “money judgement” of $45,925 and also full restitution for victims’ losses, of at least $1,072,306.
He’s also facing a maximum jail term of 20 years behind bars for the wire fraud conspiracy and money laundering conspiracy charges.
Simon-Ebo was extradited from Canada to the US on April 12 2023.
BEC remains one of the surest ways for cyber-criminals to make money. It was the second highest earning cybercrime type last year, accruing over $2.7bn for scammers, according to crimes reported to the FBI.
Separate data from Secureworks in March revealed the number of business email compromise (BEC) incidents doubled last year, replacing ransomware as the most prolific cybercrime category.