Watch Out, Nigerian Princes Are Using Bitcoin and VPNs Now

by James A. Bacon

Nigerian scam artists are upping their game. Ten or twenty years ago, they bombarded the Internet with tales of African potentates and lost fortunes that only the favored email recipient could help recover… if he or she could provide a small bank deposit first. There were so many of these entertaining missives that they constituted a literary genre all their own. I saved literally dozens of them with the thought that they might be worth packaging into a book one day, but in a fit of madness, I deleted them all to clear out my computer. I hope someone else saved them for posterity.

Sadly (from a literary perspective), the flood of emails ended almost as suddenly as it began as Americans grew wise and law enforcement authorities cracked down. But the Nigerian scam artists did not disappear, it appears. Ever-resilient, they reinvented themselves for the cyber era.

And Virginia Commonwealth University was a victim, having wired out $470,000 in the belief that it was paying bills to construction company Kjellstrom and Lee. In August a man with dual United Kingdom and Nigerian citizenship, Olabanji Oladotun Egbinola, was extradited to the U.S. in connection with the case. The latest wrinkle on the news story is that a Los Angeles-based businessman has been indicted on charges of laundering the money.

The U.S. Department of Justice summarizes the case as follows:

Egbinola and co-conspirators created and used a fraudulent email account that incorporated the name of a construction company that had a large, ongoing contract with the university. Using this email account, Egbinola and co-conspirators deceived the university into transferring $469,819.49 to a bank account controlled by Egbinola and co-conspirators. That money was quickly laundered and transferred overseas through numerous transactions. Evidence obtained during the investigation showed that Egbinola repeatedly accessed the email account used to defraud the Virginia university.

WRIC provides details. Using the name of Rachel Moore, the scammer persuaded a VCU employee that the account that normally received payments from the university was being audited, and that the money would have to be sent by wire transfer instead. Lending credibility to the scam, the Nigerians used the email address “accounts@kjellstromleegroup,” which resembled the company’s actual email address.

VCU’s bank contacted the university two weeks after the wire transfer with concerns that the transaction was fraudulent. It soon was discovered that Kjellstrom and Lee had no employee named Rachel Moore and had not requested a transfer.  Egbinola had set up a number of “lookalike” email addresses, paying with bitcoin and obscuring their IP addresses using a Verified Proxy Network, or VPN. FBI agents were able to track down the source of the emails initiating the scam. Agents then sent an email address made to appear as if it were from a VCU account, tracing the fraud to Egbinola. thus scamming the scammer.

Bacon’s bottom line. Ah, what a waste of talent. If only the scammers harnessed their creativity for good. Meanwhile, be ever-vigilant about “lookalike” URLs and email addresses.