Ghana works with FBI to take down online fraud targeting US companies
Several US firms were recently targeted by online fraudsters who used elaborate scamming schemes to dupe them into incurring devastating financial losses. Ghana’s Economic and Organised Crime Office teamed up with American authorities to tackle online criminals residing in the country.
Ghana's EOCO Joins in US Operation Keyboard Warrior
The US Department of Justice recently launched a coordinated law enforcement effort, called Operation Keyboard Warrior, in order to tackle an elaborate cyber-fraud conspiracy network that was based in various African countries. The operation ended up in the arrest of eight individuals, including Rashid Abdulai, a Ghanaian that is a New York resident, and Olufolajimi Abegunde, a Nigerian living in Atlanta, Georgia. Ghana’s EOCO unit also joined in the efforts of the Department of Justice and the FBI by helping in the overseas arrest and extradition of Ghanaians Maxwell Atugba Abayeta and Babatunde Martins, who had escaped to Ghana after committing the crime and were arrested in Accra.
According to the US Department of Justice, EOCO also helped in the arrest of Nigerian Benard Emurhowhoariogho Okorhi, also a Ghana resident. For their assistance, the Ghanaian EOCO received thanks and praise from the US Department of Justice. It is estimated that the criminal network managed to defraud US businesses and citizens out of roughly $15 million. The perpetrators used a series of elaborate anonymization methods, such as using Virtual Private Networks and spoofed email accounts to target victims that carried out large financial transactions, most notably companies. They then sent fraudulent emails to dupe business employees into directing funds to accounts controlled by them.
Companies Targeted by BEC and Other Sophisticated Hacker Attacks
The money ended up in Africa through the help of money mules who transferred the funds over to the perpetrators. This type of online fraud is often referred to as BEC (business email compromise) and targets businesses with a high financial transaction volume. Businesses and individuals are increasingly targeted by online fraud in Africa and elsewhere – according to data released by South Africa’s Banking Risk Information Centre (SABRIC), new technologies have proven a catalyst for web banking crimes. According to SABRIC, 55% of the damages that were reported to the Centre were due to online crime, including losses of banks and their clients.
Phishing scams such as BEC are very common, targeting even Fortune 500 companies, but criminals also employ other more sophisticated methods such as SQL injection and XSS scripting when targeting companies. This highlights the need for businesses to implement comprehensive cyber-security plans and employ tools that can protect against SQL injection and other OWASP Top 10 threats, like a Web Application Firewall that filters malicious requests out of incoming traffic and protects web applications like log-in applications on a company’s website. In the case of Operation Keyboard Warrior, Africa-based perpetrators managed to commit intrusions into the email system as well as the servers of a real estate business that was based in Memphis, US. The intrusions took place over June and July of 2016 and the criminals ended up with hundreds of thousands of US dollars from Memphis-based enterprises and individuals.
US authorities have commended the efforts of Ghana’s EOCO and reiterated their resolve to unite in fighting online fraud all over the world.
