Houston police officers and FBI agents have arrested 36-year-old Cletus N. Anyanwu for masterminding an audacious cyber scam in 2018 that resulted in hackers stealing nearly $1 million from a company in New Zealand that intended to purchase an airplane from an Australian company.
While it may seem amusing that a company paid out nearly a million dollars to scammers instead of to the original recipient, the truth is that today’s scams are so foolproof and sophisticated that even the world’s largest corporations fail to spot large-scale frauds that ultimately result in huge financial losses.
According to Texas Police that announced the arrest of Cletus N. Anyanwu this week, Anyanwu masterminded the financial side of an elaborate cyber scam in 2018 that involved scammers infiltrating the email accounts of a company in New Zealand that was to purchase an airplane and an Australian company that was selling it.
The cyber crime gang led by Anyanwu interfered with the business emails between the New Zealand-based company and the Australian company and substituted the bank routing information on the deal by replacing the account details of the Australian company with details of bank accounts that were set up as part of the scam.
This way, the scammers were able to redirect two bank transactions for $15,000 and $913,000 to accounts in Houston. The high-value theft led to two and a half years of investigations that culminated in the arrest of Anyanwu. Texas Police claims that Anyanwu himself laundered as much as $300,000 of the stolen money himself.
“Cyber fraud is among the fastest-growing crimes in the world. Small businesses can be crushed, a government can be held hostage, or a corporation brought to a standstill all by hacking and fraud. We are dedicated to helping victims by bringing cyber terrorists and thieves to justice,” said Harris County District Attorney Kim Ogg.
“We’re trying to stop all kinds of computer and email scams, including business scams like this. This company lost a million dollars, and that money is just gone,” said prosecuting Attorney Keith Houston.
This is not the first time that a large corporation with sizable funds has been fleeced by scammers employing business email compromise tactics. In 2017, employees at India’s only government-owned airline company Air India fell for a phishing scam orchestrated by Nigerian hackers who posed as employees of Pratt & Whitney and duped the latter into transferring $300,000 (£230,905) to a bank account located in Nigeria.
In September 2017, a scammer also conned MacEwan University in Canada out of 11.8 million CAD after he convinced employees to change payment details for a vendor using email communications. After the phishing attack was discovered, the university said that “controls around the process of changing vendor banking information were inadequate, and that a number of opportunities to identify the fraud were missed.”
“In late September 2019, an employee of Nikkei America, Inc. (New York City, United States) (“Nikkei America”), a subsidiary of Nikkei Inc. (“Nikkei”), had transferred approximately 29 million USD (approximately 3.2 billion Japanese Yen) of Nikkei America funds based on fraudulent instructions by a malicious third party who purported to be a management executive of Nikkei.
In December last year, a Lithuanian national was sentenced to five years in prison for stealing $121 Million (£92 million) from Google and Facebook between 2013 and 2015 by impersonating a vendor company in emails.
Rimasauskas impersonated a vendor company named Quanta Computer and demanded payments for goods and services from Google and Facebook employees. Once he received the said payments, he transferred the money to a number of banks located in countries like Latvia, Cyprus, Slovakia, Lithuania, Hungary, and Hong Kong.