A 62-year-old man identified as Ewere George Osas alongside his wife have been arrested by the Operatives of Police Special Fraud Unit (PSFU) Ikoyi, Lagos for their involvement in cyber fraud.
The duo were arrested for alleged offences bordering on Conspiracy, Cyber Fraud/Business Email Compromise, Criminal Conversion/Diversion and Stealing the sum of Fifty-One Million, Nine Hundred and Seventy-Four Thousand, Nine Hundred and Ninety-Nine Naira (N51,974,999.99).
Spokesperson for SFU, SP Eyitayo Johnson, in a statement on Monday, March 28, said the arrest follows a petition addressed to the Commissioner of Police, Police Special Fraud Unit by the Law Firm of Athan Ogbulie & Co. alleging diversion of the aforesaid sum during Inter-Bank wire transfer of the funds.
The suspect and members of the syndicate targeted and compromised the email accounts of businesses that frequently make wire payments and waited for the right time to substitute the original account that should receive the money.
According to the suspect, the hack which happened in February 2022 was achieved by spoofing the victim company’s email account/website which makes it possible to carry out slight variations to the legitimate email address of the company in order to fool the victim into thinking the fake accounts are authentic. Spear phishing emails were also sent to the company to gain access to company accounts, calendars and data.
Some of the monies which were diverted into accounts belonging to the suspect, his wife and daughter in five different Banks have been recovered as exhibit while effort is on to locate the rest of the funds and other members of the syndicate.
Part of the money was also discovered to have been withdrawn via POS and ATM at different locations.
The suspects will be charged to Court as soon as investigation is concluded.
Consequently, the Commissioner of Police, Police Special Fraud Unit; CP. Anyasinti Josephine Nneka advised individuals and businesses to take note of the following precautions in order to mitigate against BEC.
”Be careful of information shared online (e.g. pet names, birthday, etc).
Don’t click on anything in an unsolicited email/sms asking you to update or verify account information.
Carefully examine the email address, URL, and spelling used in any correspondence.
Set up two factor (or multi-factor) authentication on any account that allows it.
Be careful what you download. Never open an email attachment from someone you don’t know.
Verify payment and purchase requests in person, if possible; or by calling the person to make sure it is legitimate.”