[BreachExchange] Nigerian entrepreneur pleaded guilty to $11M Caterpillar fraud

Destry Winant destry at riskbasedsecurity.com
Mon Jun 22 10:21:29 EDT 2020


Nigerian entrepreneur Obinwanne Okeke is facing 20 years in prison
after pleading to conspiracy to commit wire fraud that caused US
Fortune 100 corporation Caterpillar $11 million in losses as part of a
business email compromise (BEC) fraud scheme.

The defendant, also known as 'Invictus Obi', was listed by Forbes on a
list of "Africa's 30 under 30" in 2016 after founding a group of
companies known as Invictus Group involved in telecoms, construction,
oil and gas, agriculture, and real estate.

"According to court documents, Obinwanne Okeke, 32, and other
conspirators engaged in a conspiracy from approximately 2015 to 2019
to conduct various computer-based frauds," a Department of Justice
press release says.

"The conspirators obtained and compiled the credentials of hundreds of
victims, including victims in the Eastern District of Virginia and

How it all went down

Okeke and his conspirators were able to successfully defraud Unatrac
Holding Limited, one of Caterpillar's export sales office, after
sending a phishing email to Unatrac's Chief Financial Officer (CFO)
and stealing his Microsoft Office 365 login credentials.

They later used his account for sending fraudulent wire transfer
requests to Unatrac's financial team in the form of fake invoices and
emails designed to look like they were sent by the CFO.

Okeke also added email filters to automatically mark legitimate emails
as read and moved them out of the CFO's inbox to hide any replies he
got from the recipients of the fraudulent wire transfer requests
containing fake invoices.

"In June, 2018, representatives for Unatrac Holding Limited, the
export sales office for Caterpillar heavy industrial and farm
equipment, headquartered in the United Kingdom, contacted the FBI," an
FBI affidavit issued in support of an arrest warrant and a criminal
complaint against Okeke reads.

"They reported that Unatrac had been victimized through an email
compromise, which ultimately resulted in fraudulent wire transfers
totaling nearly $11
million (11 million US Dollars)."

Proof is in the logs

After Unatrac's report and reviewing the documentation the company's
representatives provided as proof of the fraudulent wire transfers,
the FBI opened an investigation in July 2018.

During the investigation, they were able to link Okeke with multiple
Gmail email addresses used throughout the fraud scheme with the help
of a confidential source and login session cookies.

After analyzing server logs, an FBI agent also found that Okeke
accessed the CFO's account 464 times between April 6 and April, 2018,
mostly from Nigerian IP addresses.

An arrest warrant was issued in Okeke's name by the United States
District Court for the Eastern District of Virginia in August 2019.

On June 18, 2020, Okeke pleaded guilty to a conspiracy to commit wire
fraud and he will be sentenced on October 22 when he will be facing a
maximum penalty of 20 years in prison.

More information about the BreachExchange mailing list