A U.S. judge has sentenced a Nigerian man to three years and five months in prison for his role in a business email compromise scam.
Reports in The Guardian said David Chukwuneke Adindu was sentenced by Manhattan District Judge Paul Crotty. Adindu was accused of facilitating a scam to defraud businesses of more than $25 million by sending fraudulent invoices that appeared to be legitimate bills from suppliers or company executives. Prosecutors also accused him of setting up bank accounts in China and Hong Kong to receive the fraudulent funds.
According to reports, the sentence was significantly less than the 97 to 121 months for which the federal guidelines call.
“I think the judge accurately assessed his relatively minor role in this conspiracy,” said Adindu’s lawyer, Gary Conroy.
Reports said Adindu was arrested in 2016 and allegedly carried out business email compromise scams between 2014 and 2016. Targets reportedly included a New York investment company that, according to court documents, received two requests for wire transfers totaling more than $100,000.
The sentence follows charges by the U.S. Department of Justice last March against a Lithuanian man for his alleged role in criminal activities including business email compromise scams between 2013 and 2015. Those activities led to $100 million stolen from businesses that reportedly saw sent fake invoices to their accounts payable departments, according to the DoJ.
The business email compromise is an increasingly common fraud method targeting businesses. Researchers at TD Bank found approximately one-fifth of financial professionals that were hit with some type of fraud in the last year said it came in the form of the business email compromise, making it the most common tactic, though account takeovers were nearly as common.
The study, which surveyed financial professionals at the NACHA Payments 2017 conference, also found data breaches at 15 percent of firms that had been hit by some type of fraud.