When employees get an email from their CEO asking them to do something, chances are they will do it — fairly quickly and with no questions asked.
Amechi Colvis Amuegbunam counted on it. And he was right.
Employees wired company money to where Amuegbunam told them — most often foreign banks. He pulled it off by cleverly creating email accounts that made it appear as if he were a company executive, authorities said.
A federal judge sentenced him last week to 46 months in federal prison for duping more than 10 victims out of about $3.7 million.
He had faced up to 30 years in prison if convicted by a jury. Amuegbunam’s lawyer said in court documents that his client had no prior criminal record and was not a danger to society.
U.S. District Judge Ed Kinkeade also ordered Amuegbunam to pay $615,555 in restitution for his use of the latest cyberattack known as a “business email compromise” scheme. It’s become the crime of choice for some organized crime groups from Africa, Eastern Europe and the Middle East, the FBI says.
Amuegbunam, 30, of Nigeria, was living in the U.S. on a student visa at the time, court records show.
He sent emails that looked like forwarded messages from top company executives to employees who had the authority to wire money. Amuegbunam tricked the employees into wiring him money by transposing a couple of letters in the actual company email, authorities said.
Ezekiel “Zeke” Tyson, his attorney, said he was pleased with the sentence his client received.
“Amuegbunam has grown tremendously as a person and as a man throughout the process of this criminal case,” Tyson said. “He is absolutely one of the most intelligent and creative individuals I have ever represented.”
Tyson said his client will be deported back to Nigeria after serving his sentence, where he plans to become a farmer and produce organic pesticides.
“I expect once he puts his intelligence, creativity, and drive towards legitimate enterprises, he will have a very positive future,” Tyson said. “Amuegbunam also plans to do his best to repay the restitution he owes to the victim companies.”
Amuegbunam pleaded guilty in March to one count of conspiracy to commit wire fraud. He has been in custody since his arrest in Baltimore in August 2015.
The FBI issued an alert last year about the scam, saying it is “more sophisticated than any similar scam the FBI has seen before.” As of last year, more than 7,000 U.S. businesses had lost about $740 million from the scheme, the bureau said.
Investigators learned about Amuegbunam’s trickery in 2013 when two North Texas companies fell victim, court documents say.
In the case of Luminant Corp., an electric utility company in Dallas, an employee with the authority to wire money received an email from someone who appeared to be a company executive, a federal complaint said.
But the email domain name had two letters transposed. For example, someone created the email with a domain name of lumniant.com.
The duped employee wired $98,550 to a bank account in London.
The FBI subpoenaed information about the email account and learned it was created by someone named Colvis Amue, the complaint said.
Agents determined that person was Amuegbunam and that he scammed another company out of $146,550, according to the complaint.
“The Dallas FBI quickly learned that this was a widespread scheme,” the complaint said.
“We appreciate the efforts of both the Dallas office of the FBI and the U.S. attorney’s office for identifying this criminal and putting an end to this particular operation,” said Luminant spokeswoman Meranda Cohn.
The FBI identified five other conspirators who live in Nigeria who are subjects of the investigation.
In these scams, “money mules” are employed to accept the initial transfers into their personal bank accounts. They then are told to quickly transfer the money elsewhere, usually to a bank account outside the U.S. The money usually ends up in Asian banks, including those in China and Hong Kong, the FBI alert said.
The criminals have become experts at imitating invoices and accounts, agents say. The fraudulent emails are typically well-worded and specific to the type of business being targeted, the FBI says. The phrases, “code to admin expenses” and “urgent wire transfer,” are frequently used.
In one recent case provided by the FBI, a company accountant received an email from her chief executive, who was on vacation outside the country. He asked her to transfer money for a “time-sensitive acquisition” before the day’s end, according to the FBI. The executive said a lawyer would contact her with more information.
The accountant said such requests were not unusual.
The lawyer sent her an email with her CEO’s signature on a letter of authorization with the company’s seal that was attached. The email gave her instructions to wire more than $737,000 to a bank in China.
The accountant learned about the scam when the CEO called the next day, saying he knew nothing about the wire transfer request.
The FBI said criminal groups usually target businesses that have foreign suppliers or regularly make wire transfer payments.
“They have excellent tradecraft, and they do their homework,” said Maxwell Marker, an FBI agent who oversees an organized crime section, in the agency bulletin. “The days of these emails having horrible grammar and being easily identified are largely behind us.”