Bank of America insider charged with money laundering over BEC scams


The US District Court for the Eastern District of Virginia has charged three men with aggravated money laundering and identity theft after allegedly running a business email compromise (BEC) scheme.

BEC scams use a variety of tactics (including social engineering, malware, hacking, and phishing) to compromise or impersonate business email accounts, with the ultimate goal of redirecting pending or future payments to bank accounts under the control of a malicious actor.

The accused are Onyewuchi Ibeh, 21, of Bowie, Md., Jason Joyner, 42, of Washington, DC, and Mouaaz Elkhebri, 30, of Alexandria, Virginia.

Yesterday’s indictment alleges that the three men infiltrated corporate networks of small and large companies in the United States and around the world, between January 2018 and March 2020.

The actors accessed email servers and email accounts using employee credentials obtained through phishing, as well as by deploying malware. Then they spent months intercepting communications and learning about billing systems, communication style, suppliers, customers, people responsible for transactions, and more.

Then, at the appropriate time, the crooks allegedly sent fake emails to an employee, presenting a payment request reflecting an actual transaction that needed to be paid at that time.

By using all the details of the actual transaction as full billing information, the actors were able to divert the payment to their own bank accounts.

One of the case examples in the indictment, seen by Bleeping Computer, mentions a single transaction of $356,954, sent by a victim in Boston to what she believed to be her business partner’s bank account.

In this case, the BEC actors registered a domain that was exactly the same as that of the victim’s partner, except for one misspelled character (typo-squatting). The actors used the domain to communicate directly with the victim, essentially mimicking the real partner’s email address.

In total, investigators linked the BEC operation to at least five victims and a total amount stolen of $1.1 million.

[Figure: Example of operations. A sample of transactions showing amounts diverted to the accounts of the crooks.]

The indictment says that each person had a distinct role in the BEC scheme. Ibeh handled the money laundering and transferred the money to the other two.

Elkhebri, being an employee of Bank of America and TD Bank between 2015 and 2018, opened bank accounts under the names of his co-conspirators and their victims, and he also forged bank entries.

Joyner would withdraw stolen funds from ATMs and send money to others.

Extract from the affidavit:

In response to legal proceedings, Bank of America produced personal files for Elkhebri, who worked there as a personal banker and relationship manager from 2015 to 2017. While at Bank of America, Elkhebri opened several accounts for conspirators, including an account I used for regime purposes.

In response to legal proceedings, TD Bank also produced personal files for Elkhebri, who worked there from 2017 to 2018. While at TD Bank, Elkhebri opened several conspiratorial accounts, including one that Ayeah used as part of the program.

If convicted, Elkhebri faces up to 52 years in prison, while the other two could face up to 20 years in prison because the gravity of their actions was less severe. These are maximum sentences, and the actual sentences should be shorter.
