Watch Out, Nigerian Princes Are Using Bitcoin and VPNs Now

by James A. Bacon

Nigerian scam artists are upping their game. Ten or twenty years ago, they bombarded the Internet with tales of African potentates and lost fortunes that only the favored email recipient could help recover… if he or she could provide a small bank deposit first. There were so many of these entertaining missives that they constituted a literary genre all their own. I saved literally dozens of them with the thought that they might be worth packaging into a book one day, but in a fit of madness, I deleted them all to clear out my computer. I hope someone else saved them for posterity.

Sadly (from a literary perspective), the flood of emails ended almost as suddenly as it began as Americans grew wise and law enforcement authorities cracked down. But the Nigerian scam artists did not disappear, it appears. Ever-resilient, they reinvented themselves for the cyber era.

And Virginia Commonwealth University was a victim, having wired out $470,000 in the belief that it was paying bills to construction company Kjellstrom and Lee. In August a man with dual United Kingdom and Nigerian citizenship, Olabanji Oladotun Egbinola, was extradited to the U.S. in connection with the case. The latest wrinkle on the news story is that a Los Angeles-based businessman has been indicted on charges of laundering the money.

The U.S. Department of Justice summarizes the case as follows:

Egbinola and co-conspirators created and used a fraudulent email account that incorporated the name of a construction company that had a large, ongoing contract with the university. Using this email account, Egbinola and co-conspirators deceived the university into transferring $469,819.49 to a bank account controlled by Egbinola and co-conspirators. That money was quickly laundered and transferred overseas through numerous transactions. Evidence obtained during the investigation showed that Egbinola repeatedly accessed the email account used to defraud the Virginia university.

WRIC provides details.

Using the name of Rachel Moore, the scammer persuaded a VCU employee that the account that normally received payments from the university was being audited, and that the money would have to be sent by wire transfer instead. Lending credibility to the scam, the Nigerians used the email address “accounts@kjellstromleegroup,” which resembled the company’s actual email address.

VCU’s bank contacted the university two weeks after the wire transfer with concerns that the transaction was fraudulent. It soon was discovered that Kjellstrom and Lee had no employee named Rachel Moore and had not requested a transfer.  Egbinola had set up a number of “lookalike” email addresses, paying with bitcoin and obscuring their IP addresses using a Verified Proxy Network, or VPN. FBI agents were able to track down the source of the emails initiating the scam. Agents then sent an email address made to appear as if it were from a VCU account, tracing the fraud to Egbinola. thus scamming the scammer.

Bacon’s bottom line. Ah, what a waste of talent. If only the scammers harnessed their creativity for good. Meanwhile, be ever-vigilant about “lookalike” URLs and email addresses.

Share this article


(comments below)


(comments below)


12 responses to “Watch Out, Nigerian Princes Are Using Bitcoin and VPNs Now”

  1. DJRippert Avatar

    No payment should be authorized unless it corresponds to a specific invoice attached to an approved purchase order.

    How did the scammers know that a legitimate invoice for $469,819.49 had been received by ODU? It sounds like a little “social engineering” was part of the scam.

    I deduct points from this scammer since a quick look at the LinkedIn profile of Kjellstrom and Lee would have provided the lazy scammer with real names of real employees at that company.

    Finally, shame on ODU. Their systems should have noticed the difference between the real URL of Kjellstrom and Lee and the slightly modified URL presumably used by the scammer. The system should have alerted the recipient that they rarely get e-mails from the modified URL. Either that didn’t happen or the e-mail recipient didn’t pay sufficient attention to the warning.

  2. Nancy Naive Avatar
    Nancy Naive

    How soon the white boys forget…

  3. Jack Lucas Avatar

    Mr. Bacon, recommend you check the definition of VPN. I always learned VPN stood for “Virtual Private Network”, not “Verified Proxy Network”.

  4. LarrytheG Avatar

    This has happened to several government entities including the Spotsy School system which was scammed out of several hundred thousand dollars over astro-turf.

    But it’s not that widespread in govt nor private sector (that we know of) so I suspect poor financial management practices where someone who should not be dispersing funds in the first place. A professional that does this all the time would have training and
    procedures to follow to verify/validate important details before approving the transaction.

    Ransom-ware is actually a more serious issue where anyone inside of an organization can click on a link and infect their entire system and lock it until a ransom is paid.

    This is why corporations and government at all levels should have a professional IT group maintaining their systems.

  5. Nancy Naive Avatar
    Nancy Naive

    Several years ago, a federal government employee using our DUNS number redirected contract payments from our, and several other contracts, to a Cayman’s bank and *poof* disappeared into the wind.

    Scams are scams, thieves are thieves. Been happening since recorded time and it’s ALWAYS been easy to do.

    1. There’s a sucker born every minute, and don’t ever underestimate the gullibility of Americans… Now about that bridge you were interested in, we can get you a special deal, but it has to be done today…

      1. Nancy Naive Avatar
        Nancy Naive

        Our limited supply is very nearly gone.

        1. You sure? There are 330,000,000 of us ripe for the picking.

          1. Nancy Naive Avatar
            Nancy Naive

            Not including multiple sales…

          2. How true. The first sale may be the hardest, repeat customers likely get easier.

          3. Nancy Naive Avatar
            Nancy Naive


          4. But wait, there’s more. Today and today only, buy one and get a second special offer….

Leave a Reply