Understand Your Rights. Solve Your Legal Problems
Wembley Multi-Academy Trust (WMAT) has fallen victim to a cyber scam, losing more than £385,000 after fraudsters posing as a construction company tricked the trust into making payments to the wrong bank account. Police have launched an investigation following the incident, which saw four payments made to the attackers in the past financial year.
The payments, intended for building work, were directed to an incorrect bank account after the supplier’s email was “tampered with,” causing the payments to be diverted. This incident has highlighted the risks of cyber fraud, especially in educational institutions.
Micon Metcalfe, a school business expert, commented on the situation, calling it a “warning and reminder” of the dangers posed by fraudsters. She added, “Anybody can be susceptible to this type of fraud. The only way to avoid it… [is] to be very vigilant around your controls for changing bank account details.”
Metcalfe went on to advise that schools and trusts should establish “a well-documented process before making changes to bank accounts,” and recommended that suppliers double-check their details before making any payments.
A Metropolitan Police spokesperson confirmed that they received a report of fraud from a trust in Brent in April last year. The investigation is ongoing.
According to the accounts for WMAT, which operates three schools in northwest London, the trust made four payments totalling £385,532 during the 2022-23 financial year for construction work. These payments were made to the incorrect account due to tampering with the supplier’s email.
Metcalfe pointed out that victims of such scams may be able to recover the stolen funds through insurance, although she noted, “it’s quite challenging.”
The number of cyber security incidents in education has been on the rise, with figures from the Information Commissioner’s Office (ICO) showing that incidents in the education and childcare sectors have reached a five-year high. In 2023, 353 incidents were reported, the highest number since 2019. In the first half of this year alone, 166 incidents were reported.
A survey by Teacher Tapp in September revealed that one in three secondary schools had experienced cyber-attacks in the past year. One anonymous teacher shared their experience of the chaos caused by a cyber attack at their school just before results day. The attack left staff “unable to access anything,” preventing them from preparing for the school year. Upon returning to school, they found that they “could not use the desktops and there were not enough laptops.”
Phishing attacks were the most common type of cyber threat, affecting 23 percent of secondary schools, according to the survey. The north-west region was the worst hit, with 40 percent of schools reporting cyber issues, compared to 28 percent in the east of England. Nine percent of headteachers described the attacks as “critically damaging,” and about 20 percent of schools were unable to recover immediately, with 4 percent taking more than half a term to get back to normal.
The survey also revealed that 33 percent of secondary teachers had not received any cyber-security training this year, further highlighting the need for increased awareness and preparation for such threats in the education sector.
Cyber fraud and scams targeting schools have become an increasing concern in the UK in recent years, with numerous high-profile incidents reported. Here are a few notable cases:
These incidents are part of a broader trend of rising cybercrime targeting schools, particularly through phishing, email tampering, and fraudulent invoicing schemes. The UK education sector has become a frequent target for cybercriminals due to the increasing reliance on digital communication and payments within schools.
A former analyst at Goldman Sachs has been ordered by a London court to pay £587,000 following his conviction for insider dealing and fraud. Mohammed Zina, who was found guilty last year and sentenced to 22 months in prison, must pay the amount based on the assets currently available to him.
On Wednesday, Southwark Crown Court issued the confiscation order, which totals £586,711 (€701,932), as confirmed by both the court and the Financial Conduct Authority (FCA), which brought the prosecution.
The court determined that Zina had benefited by £1.1 million from his illegal activities, which included insider trading and fraudulently obtaining loans from Tesco Bank. Zina was instructed to pay the confiscated amount from his present assets.
Related: Ex-Goldman Sachs Manager Claims £3.8M In Paternity Sex Bias Case
The 36-year-old was prosecuted alongside his brother, Suhail Zina, a former lawyer at the prestigious UK law firm Clifford Chance, in one of the FCA's most prominent insider trading cases in recent years. A jury unanimously found Mohammed Zina guilty on all nine counts of insider dealing and fraud. Suhail Zina was acquitted before the trial concluded after the FCA withdrew the fraud charges against him and the court ruled there was no case to answer.
The trial revealed that Zina made approximately £140,000 in profits from trading stocks, including those of semiconductor company Arm and pub chain Punch Taverns. His largest gain was a £55,000 profit from trading in US food firm Snyder’s-Lance. “I cannot help but feel pity for you, because you have thrown away what was undoubtedly a promising career in banking,” remarked Judge Tony Baumgartner at Zina’s sentencing in February last year. “Your reputation now is lost, and it is likely you will never be trusted to work in a position of such responsibility again.”
This case marked the FCA’s first insider dealing conviction in five years, following a period of inactivity partly caused by the Covid-19 pandemic and backlogs in the court system. However, the number of insider dealing cases has risen recently, with several now being heard in court.
Zina has been given three months to pay the confiscation amount. Failure to comply will result in a default prison sentence of five years.
“Insider dealing harms the integrity of our markets. As well as prosecuting insider dealers, we will not allow them to keep any part of their illicit profits,” said Therese Chambers, the FCA’s joint executive director of enforcement and market oversight, in a statement on Friday.
A representative for Zina has yet to respond to requests for comment.
A man from Bromley, England, has been sentenced to 27 months in jail for using gym members’ locker codes to access their bank accounts. Declan Murphy, 35, pleaded guilty to three counts of theft and 11 counts of fraud by false representation on January 17, 2025. He was also given a “Criminal Behaviour Order” that bans him from entering certain gyms nationwide.
Declan Murphy. Photo: City of London Police/X
Murphy’s scheme came to light after he used a series of false membership cards to access multiple gym chains in London. The incident that led to his arrest occurred on September 13, 2024, when he was in a gym between 8:10 and 9:25 a.m. Murphy observed a fellow gym member entering their locker pin, which was a four-digit code. The man did not realise that Murphy was watching as he entered the code.
Using the information, Murphy later gained access to the victim’s locker and stole both the victim’s bank cards and his phone. The phone was damaged beyond use, likely to prevent the victim from monitoring his bank transactions and immediately contacting his financial institutions. The damage to the phone provided Murphy with a window of opportunity to withdraw £500 from an ATM and attempt a purchase worth £5,400 at an Apple Store. The transaction was declined, but the theft and fraud were successful in part.
Murphy had committed similar offences earlier that year, with the September incident taking place while he was out on bail. Authorities also revealed that Murphy had been using gym membership cards under false names to access a variety of gyms, enabling him to target unsuspecting members.
The judge overseeing Murphy’s sentencing, Edward Connell, labelled the crimes “pre-planned” and “well-practised.” Detective Chief Inspector Kevin Ines from the City of London Police issued a warning to gym-goers about the need for caution when using locker codes. He urged people not to use the same pin for their gym lockers, phones, and bank cards, as it can provide criminals like Murphy with an easy way to exploit vulnerabilities.
“This case is a reminder that gym-goers should take care when entering their pin codes and ensure that they don’t reuse the same pin across multiple services,” said Ines. He continued, “People expect their belongings to be safe in their lockers, but unfortunately, this method of crime is becoming more common.”
As part of his sentence, Murphy has been banned from several health and fitness centres across the UK. His conviction highlights the increasing threat of personal security breaches in places where people typically feel their property is secure, such as gyms.
The Consumer Financial Protection Bureau (CFPB) sued the operator of Zelle and three of the nation’s largest banks for failing to protect consumers from widespread fraud on America’s most widely available peer-to-peer payment network.
Early Warning Services, which operates Zelle, along with three of its owner banks—Bank of America, JPMorgan Chase, and Wells Fargo—rushed the network to market to compete against growing payment apps such as Venmo and CashApp, without implementing effective consumer safeguards. Customers of the three banks named in today’s lawsuit have lost over $870 million over the network’s seven-year existence due to these failures.
The CFPB’s lawsuit describes how hundreds of thousands of consumers filed fraud complaints and were largely denied assistance, with some being told to contact the fraudsters directly to recover their money. Bank of America, JPMorgan Chase, and Wells Fargo also allegedly failed to properly investigate complaints or provide consumers with legally required reimbursement for fraud and errors. The CFPB is seeking to stop the alleged unlawful practices, secure compensation and penalties, and obtain other relief.
“The nation’s largest banks felt threatened by competing payment apps, so they rushed to launch Zelle,” said CFPB Director Rohit Chopra. “By failing to put in place proper safeguards, Zelle became a target for fraudsters, leaving victims to fend for themselves.”
Bank of America, N.A. is a national bank and subsidiary of the Bank of America Corporation, headquartered in Charlotte, North Carolina. As of June 30, 2024, Bank of America had over $2.5 trillion in consolidated total assets.
JPMorgan Chase Bank, N.A. is a national bank and subsidiary of JPMorgan Chase & Company headquartered in Columbus, Ohio, and the nation’s largest bank, with over $3.5 trillion in consolidated total assets as of June 30, 2024.
Wells Fargo Bank, N.A. is a national bank and subsidiary of Wells Fargo & Company headquartered in Sioux Falls, South Dakota. As of June 30, 2024, Wells Fargo had $1.9 trillion in consolidated total assets.
Early Warning Services, LLC is a financial technology and consumer reporting company based in Scottsdale, Arizona. Early Warning Services designed and operates the Zelle network. It is co-owned by seven of the largest banks in the United States: Bank of America, Capital One, JPMorgan Chase, PNC Bank, Truist, U.S. Bank, and Wells Fargo.
Zelle allows near-instant electronic money transfers through linked email addresses or U.S.-based mobile phone numbers, known as “tokens.” Users can create multiple tokens across different banks and quickly reassign them between institutions, a feature that has left consumers vulnerable to fraud schemes.
The CFPB alleges widespread consumer losses since Zelle’s 2017 launch due to the platform’s and the defendant banks’ failure to implement appropriate fraud prevention and detection safeguards. The CFPB alleges that Bank of America, JPMorgan Chase, Wells Fargo, and Early Warning Services violated federal law through critical failures including:
Leaving the door open to scammers: Zelle’s limited identity verification methods have allowed fraudsters to quickly create accounts and target Zelle users. For example, criminals often exploited Zelle’s design and features to link a victim’s token to the fraudster’s deposit account, which caused payments intended for the consumer’s account to instead flow to the fraudster account. Allowing repeat offenders to hop between banks: Early Warning Services and the defendant banks were too slow to restrict and track criminals as they exploited multiple accounts across the network.
Banks did not share information about known fraudulent transactions with other banks on the network. As a result, bad actors could carry out repeated fraud schemes across multiple institutions before being detected, if they were detected at all. Ignoring red flags that could prevent fraud: Despite receiving hundreds of thousands of fraud complaints, the defendant banks have failed to use this information to prevent further fraud.
They also allegedly violated the Zelle Network’s own rules by not reporting fraud incidents consistently or on time. Abandoning consumers after fraud occurred: Despite obligations under the Electronic Fund Transfer Act and Regulation E, the defendant banks failed to properly investigate Zelle customer complaints and take appropriate action for certain types of fraud and errors. Enforcement Action Under the Consumer Financial Protection Act, the CFPB has the authority to take action against institutions violating consumer financial protection laws, including engaging in unfair, deceptive, or abusive acts and practices.
The CFPB’s lawsuit seeks to halt unlawful conduct, obtain restitution for harmed consumers, and obtain a civil money penalty, which would be paid into the CFPB’s victims relief fund, and secure other appropriate relief.
Proliferation of Scams The holiday season in particular can bring a surge of scams. Learn more about common types of scams from the CFPB’s online resources. Consumers can submit complaints about financial products and services, including scams on payment networks, by visiting the CFPB’s website or by calling (855) 411-CFPB (2372).
Employees who believe their company has violated federal consumer financial protection laws are encouraged to send information about what they know to whistleblower@cfpb.gov. To learn more about reporting potential industry misconduct, visit the CFPB’s website.
Gen Digital Inc., formerly known as Symantec Corp., based in Tempe, Arizona, has agreed to a significant settlement of $55.1 million, concluding a decade-long legal battle under the False Claims Act. The settlement follows a four-week bench trial and includes $16.1 million in damages and $36.8 million in civil penalties, in addition to post-judgment interest and other associated costs.
The lawsuit centered on allegations that Symantec knowingly misrepresented its commercial pricing during the negotiation of a General Services Administration (GSA) contract. These misleading practices, spanning from 2006 to 2012, caused the GSA to accept and pay inflated prices for Symantec's products and services. The company’s failure to disclose accurate pricing information and their repeated breach of the Price Reduction Clause, which mandates GSA contractors to maintain competitive pricing, led to the government being overcharged.
“The department will hold accountable contractors that knowingly overcharge the United States to enrich themselves,” said Brian M. Boynton, Principal Deputy Assistant Attorney General of the Civil Division. “The years spent litigating this case and taking it to trial demonstrate the department’s steadfast commitment to protecting taxpayer funds.”
The case, titled United States ex rel. Morsell v. Symantec Corp., was filed under the qui tam provision of the False Claims Act. This provision allows whistleblowers to file lawsuits on behalf of the government and receive a portion of the recovery. The case was initiated by Lori Morsell, a former employee of Symantec, who managed the relevant contract. While her share from the settlement has not been finalized, her whistleblower actions played a pivotal role in bringing the fraudulent claims to light.
Matthew M. Graves, U.S. Attorney for the District of Columbia, emphasized that this case sends a strong message to contractors who attempt to defraud the government. "“The trial team secured a $55 million judgment that holds accountable a contractor who intentionally tried to overbill the government. Because these schemes steal taxpayer dollars, the United States Attorney’s Office for the District of Columbia will be steadfast in its efforts to bring fraudsters to justice no matter the complexity of the matter, pursuing them through trial, if necessary, to secure a just outcome.” Mr. Graves said.
A Florida man has been arrested for impersonating tech billionaire Elon Musk in an attempt to defraud a 74-year-old woman out of at least $250,000, according to law enforcement officials. Jeffrey Arthur Moynihan Jr., 56, was taken into custody in Bradenton on Tuesday evening and is facing charges of grand theft.
Moynihan allegedly posed as the CEO of Tesla and SpaceX, building a friendship with the victim, a woman from Texas, through Facebook starting in 2023. As part of the scam, the victim was promised an extraordinary return on investment of $55 million.
According to investigators, the victim’s husband revealed that she had been duped into relinquishing nearly $600,000 in total, with $250,000 of that amount traced to accounts linked to Moynihan. The victim was convinced she had invested her money directly with Elon Musk and felt a strong personal connection with him.
Detective Jim Curulla of the Bradenton police received a lead from authorities in Frisco, Texas, who were probing an incident involving a woman who purportedly donated a significant amount of money to an organization impersonating a tech billionaire, as stated by a department spokesperson.
The scam began when the fake Musk gained the victim’s trust, suggesting she invest in his businesses. Over time, the victim made several financial transactions, believing she was supporting Musk’s ventures. To strengthen his ruse, Moynihan would frequently update the victim with fabricated details about Musk’s daily activities, often referencing recent news articles to make the interactions feel more personal.
The investigation began after Texas authorities uncovered a similar case, with a woman donating a large sum of money to a fake Musk organization. Through further investigation, authorities discovered that Moynihan had received the victim’s $250,000 through his business, Jeff’s Painting and Pressure Washing LLC. Additionally, records revealed other funds from the victim were deposited into accounts tied to Moynihan.
During his arrest, Moynihan was found shirtless at his residence, where he questioned the charges of grand theft, asking, "Grand theft of what?" Officers informed him that a detective would provide further details. Moynihan later claimed that the $250,000 was meant for a girlfriend with whom he had an online-only relationship, raising the possibility of him being involved in a separate fraudulent scheme.
A former official from Santa Cruz County, Arizona, has pleaded guilty to multiple criminal charges, including embezzlement, money laundering, and tax evasion, after misappropriating over $38 million in county funds from 2014 to 2024.
Elizabeth Gutfahr, 62, who served as the County Treasurer for over a decade, is accused of diverting these funds for personal gain, leading to significant losses for the county and tax violations exceeding $13 million.
Court documents reveal a detailed picture of Gutfahr's illegal activities during her tenure as County Treasurer from 2012 to 2024. Gutfahr orchestrated a complex scheme that involved transferring county funds into business accounts she had set up for the sole purpose of funneling the money into her personal finances.
From these fraudulent accounts, she diverted the funds into her personal accounts, where she used the money for various personal expenditures, including purchasing real estate, acquiring at least 20 vehicles, covering costs for her family ranch, and managing her cattle business.
“Elizabeth Gutfahr stole $38 million from the people of Santa Cruz County, Arizona, during the 12 years she served as their County Treasurer,” stated Nicole M. Argentieri, Principal Deputy Assistant Attorney General for the Justice Department’s Criminal Division. “We expect public officials to serve as stewards of the government fisc — not to loot it. Today’s plea demonstrates yet again that the Justice Department remains committed to rooting out public corruption at all levels of government.”
To carry out the embezzlement, Gutfahr utilized a series of wire transfers—187 in total—by circumventing the two-step approval process required for such transfers. She accomplished this by exploiting the access of a subordinate employee's token, allowing her to initiate and authorize the wire transfers herself.
In addition, Gutfahr falsified numerous financial documents, including accounting records, cash reconciliation statements, and reports on the county’s investment accounts, to hide her illegal activities and obscure the trail of misappropriated funds.
Moreover, Gutfahr neglected to report the stolen funds as income, committing tax evasion on more than $13 million in unreported earnings.
The case has drawn strong reactions from law enforcement and legal authorities, who emphasize the importance of accountability for public officials. U.S. Attorney Gary Restaino for the District of Arizona stated, “Local property taxes fund our communities, enrich our schools, and shape our futures."
The FBI and IRS Criminal Investigation (IRS-CI) have been key players in bringing the case to light. Special Agent in Charge Carissa Messick of the IRS Criminal Investigation Phoenix Field Office remarked, “We cannot overemphasize our dedication to rooting out public corruption from our communities. I am proud of the dedicated work IRS-CI special agents put into investigating this case alongside our fellow law enforcement agencies. Through her embezzlement scheme, Elizabeth Gutfahr stole from the very constituents who elected her. Let this guilty plea serve as a reminder to all who are tempted to use their positions of power to enrich themselves at the cost of the American people: IRS-CI special agents are experts at following the money, and we will continue to investigate allegations of fraud at all levels.”
Elizabeth Gutfahr is set to be sentenced on February 6, 2025. She faces a maximum sentence of 10 years for embezzlement, 20 years for money laundering, and five years for tax evasion.
Additionally, she is expected to make restitution to Santa Cruz County or other identified victims for the total amount of stolen funds. A federal district court judge will determine the final sentence based on the U.S. Sentencing Guidelines and other relevant considerations.
Energy Executive Francesco Mazzagatti Faces Legal Action Over Alleged €143.8 Million Misappropriation in RockRose Acquisition.
API claims that Mazzagatti, who was the CEO of the firm until 2020, faked bank statements, forged board documents, and misdirected payments meant for MHPC to his control. API alleges that he used the misappropriated funds to acquire a majority share in RockRose Energy, a UK-based energy company Viaro Energy purchased for £247 million in 2020.
The lawsuit states that Mazzagatti secretly opened accounts in the UAE and Singapore, through which customers paid for petrochemical products from MHPC. It also claims he used falsified financial documents to cover up the fraud, including a fake bank statement presented to the API board in 2021 showing a balance of nearly €25.8 million. The total amount misappropriated, according to API, is calculated to be €143.8 million, which was owed to MHPC by API.
The lawsuit further suggests that Mazzagatti may have used the stolen funds to support Viaro Energy’s £247 million acquisition of RockRose Energy, a transaction that raised concerns within the industry. Viaro reportedly secured a £250 million loan guarantee from Sheikh Zayed bin Surror bin Mohammed Al Nahyan of the Abu Dhabi royal family to facilitate the deal. This, according to the lawsuit, was intended to quiet objections from Taqa, Abu Dhabi’s state-owned electricity company, which was concerned that RockRose's cash would be used to pay for the acquisition, leaving the company unable to meet future liabilities, including decommissioning costs for its joint ventures.
Viaro Energy, under Mazzagatti’s leadership, became a significant player in the UK energy market after the acquisition of RockRose. However, the RockRose deal and the alleged financial misappropriation have sparked multiple legal battles.
API is accusing Mazzagatti of using fraudulent means to acquire his stake in RockRose Energy, including the use of misappropriated funds. Taqa has separately filed a lawsuit against Mazzagatti and Viaro, alleging financial misconduct related to the sale of an oilfield and the payment of an $84 million dividend prior to the deal.
Mazzagatti and his CFO, Francesco Dixit Dominus, deny all allegations of wrongdoing. They argue that the lawsuit is a vendetta orchestrated by Arshiya Jahanpour, a former business associate, who allegedly controlled API after 2018 and orchestrated the transfer of funds. They claim that the bank accounts involved in the alleged fraud were opened under Jahanpour’s direction and that Mazzagatti was not involved in their operation.
Mazzagatti and Dixit Dominus's legal team asserts that API's claims are unfounded and that the financial transfers in question were legitimate. They further argue that Jahanpour, not Mazzagatti, was the real operator of API, and that the funds in question were procured by Jahanpour. According to the defense, the allegations against Mazzagatti and Dixit Dominus are part of an effort to wrongly assign liability for actions they did not commit.
Mehr Petrochemical Co., a key player in the dispute, was placed under U.S. sanctions in 2023, prohibiting American entities from doing business with the company. The U.S. Treasury Department has stated that Mehr was involved in facilitating transactions for the Iranian government. The legal ramifications of these sanctions may impact the ongoing litigation and any potential liabilities Mazzagatti could face from the broader international financial community.
California Residents Sue Ubisoft Over "The Crew" Shutdown, Claim Fraud and Misrepresentation.
The lawsuit, filed in a California court, claims that Ubisoft misled consumers into believing they had purchased a full, functional copy of the game that would remain playable in offline mode—even after the servers were shut down.
The plaintiffs, who purchased The Crew in 2018 and 2020, argue that Ubisoft’s packaging and advertising falsely represented that the game was entirely encoded onto physical discs and that an offline version would always be accessible. According to the lawsuit, Ubisoft’s failure to clearly disclose that The Crew was primarily an online-only game violated California’s Unfair Competition Law and resulted in fraud and misrepresentation.
The suit, which aims to become a class action, highlights several legal grievances, including:
The plaintiffs contend that Ubisoft’s decision to shut down the servers for The Crew without providing an offline version, unlike some of the company’s other games such as Assassin’s Creed 2 and 3, was both deceptive and unfair. Ubisoft had previously promised offline versions for The Crew 2 and The Crew Motorfest but did not extend this to the original The Crew. This has left players unable to access even the single-player portion of the game they had purchased.
The lawsuit also includes an analogy comparing Ubisoft’s actions to a pinball machine manufacturer entering someone’s home and removing key parts of the machine, rendering it unplayable. While the analogy may seem exaggerated, it underscores the plaintiffs’ argument that they were misled into thinking they were buying a complete product—one that could be played at any time—only to find it essentially rendered useless after the servers were shut down.
While the lawsuit currently involves just two plaintiffs, their legal team is seeking class action status, which would allow other affected players to join the case. If successful, the class action could result in significant financial consequences for Ubisoft, including the potential for refunds and damages. The plaintiffs are demanding that Ubisoft return the full premium price paid for the game and cover legal expenses. Furthermore, they are asking the court to force Ubisoft to “disgorge all revenues obtained” from their alleged violations of California law.
The lawsuit has already garnered attention within the gaming community, as The Crew was a beloved title for many players. The plaintiffs also note the dissatisfaction voiced by other fans of the game on social media, with some users questioning why Ubisoft did not provide a proper offline mode for the original title.
As of now, Ubisoft has yet to respond to the lawsuit in detail, but the case presents a major challenge for the publisher. The suit claims that Ubisoft failed to live up to industry standards when it came to communicating the nature of the game, potentially opening the door for a more significant legal battle.
In summary, the lawsuit against Ubisoft seeks not only a refund for the plaintiffs but also aims to hold the company accountable for misleading customers and failing to deliver a product that could be used as promised. If the case becomes a class action, it could have far-reaching implications for the gaming industry and the way online-exclusive games are marketed and sold.
Related: Ubisoft Sued: Class Action Over Alleged Customer Data Sharing with Meta
British-Nigerian Sentenced to 7 Years for $5M Business Email Scam.
Oludayo Adeagbo, along with his accomplices Donald Echeazu and Olabanji Egbinola, used sophisticated techniques to impersonate reputable companies, particularly in high-value construction projects, to deceive organizations into transferring substantial sums of money to fraudulent accounts. The trio was extradited from the United Kingdom in August 2022 to face charges of conspiracy, wire fraud, and money laundering. Their criminal activities spanned multiple states, including North Carolina, Texas, and Virginia.
The BEC scheme primarily targeted educational institutions and construction projects, with the most notable fraud occurring at a university in North Carolina. Court documents reveal that Oludayo Adeagbo and his team registered a domain name nearly identical to that of the legitimate construction company overseeing the university project. They then created a fraudulent email account designed to resemble a company employee's address, which was used to trick university officials into transferring $1.9 million into a bank account controlled by the criminals.
The fraudulent operation did not stop there. Oludayo Adeagbo and his co-conspirators extended their tactics to Texas, where they targeted local government agencies and educational institutions, impersonating construction firms to siphon off an additional $3 million. In total, their criminal activities accumulated over $5 million in stolen funds.
On April 8, 2024, Oludayo Adeagbo pleaded guilty to the charges of conspiracy, wire fraud, and money laundering related to the frauds in both North Carolina and Texas. In addition to his seven-year prison sentence, Adeagbo was ordered to pay restitution in the amount of $942,655.03, compensating victims of the fraud scheme.
The U.S. Department of Justice highlighted that this case is part of a broader effort to combat the growing threat of business email compromise and other cyber-enabled financial crimes. BEC scams have become increasingly prevalent, with perpetrators exploiting technology and social engineering tactics to steal millions from businesses, government agencies, and educational institutions.
Business Email Compromise (BEC) is a growing form of cybercrime where criminals impersonate trusted entities, such as contractors, vendors, or executives, to deceive companies into making fraudulent wire transfers. These schemes typically involve the creation of counterfeit email addresses and domain names that closely resemble those of legitimate businesses. The criminals then use these fraudulent communications to manipulate victims into transferring money to accounts they control. As the digital landscape evolves, these types of scams have become more sophisticated, posing significant financial risks to organizations of all sizes.
Related: Siemens Energy guilty of wire fraud against GE and Mitsubishi
