Two Nigerians, Olayinka Olaniyi and Damilola Solomon Ibiwoye have been found guilty of duping staff of American universities.
Both men were living in Kuala Lumpur, Malaysia, at the time they committed the fraud, and were extradited to the US to face the charges.
Olaniyi and Ibiwoye were convicted of sending scam emails targeted at college and university employees, after which they obtained their login details, which they used to steal payroll deposits. They also engaged in online dating scams to lure innocent victims into releasing their account details, into which deposits from the illegally-obtained funds were made.
While Olaniyi is scheduled to be sentenced on October 22, 2018, at 10a.m. before US District Judge Steve C. Jones, Ibiwoye, who had earlier pleaded guilty to the offence, had been sentenced on January 31, 2018 to three years and three months in prison, to be followed by three years of supervised release.
Sharing information on their arrest and subsequent convictions, a release by the Department of Justice, US. Attorney’s Office, Northern District of Georgia, dated Monday, August 13, 2018, quoted US Attorney Byung J. ‘BJay’ Pak, as saying: “These defendants used trickery to lure and exploit their unsuspecting victims, but they will now face the consequences of their scheme in federal prison.”
According to Pak, the duo were behind “phishing scams” that targeted institutions in the US, including the Georgia Institute of Technology (“Georgia Tech”) and the University of Virginia.
The statement read: “A ‘phishing scam’ is the act of sending fraudulent emails that appear to come from legitimate enterprises for the purpose of tricking the recipients into providing personal information, including usernames and passwords.
“Olaniyi and Ibiwoye directed phishing emails to college and university employees. Once they had possession of employee logins and passwords, they were able to steal payroll deposits by changing the bank account into which the payroll was deposited. Also, while logged into the university system through the stolen logins and passwords, these defendants were able to gain access to employee W2 forms, which they used to file fraudulent tax returns. The attempted theft was over $6 million.
“The stolen funds were routed into U.S. bank accounts, and the evidence showed that access to these bank accounts was acquired through the use of romance scams, where fraudsters pose on dating sites and apps as potential partners to gain the trust of their victim. At some point, the fraudster will make a request to deposit money into their victim’s account and claim to need all of the account information, including their account number, routing number, passwords, and answers to security questions. In this case, all of that information was then used to funnel the proceeds of theft through those accounts and out of the country.”
Speaking on the arrest, J.C. ‘Chris’ Hacker, Special Agent in Charge of the FBI Atlanta Division, expressed his organisation’s determination to “arrest criminals who believe they can hide out on the internet, protected by geographic boundaries, and prey on the American people and our institutions”.
He also praised what he described as “the benefits of global cooperation between the United States and international law enforcement”.
According to the release, the case was investigated by the Federal Bureau of Investigation, while Assistant U.S. Attorney Jeffrey A. Brown, Deputy Chief of the Complex Frauds Section, and Special Assistant U.S. Attorney Laura D. Pfister handled the prosecution.