Two Nigerians, Emmanuel Mmaduike and Olawale Kashimawo, both 31, who operated a London-based cyber crime group have been jailed after stealing more than £1m.
The two Nigerians spent the money on “a lavish lifestyle”, according to the UK National Crime Agency.
According to a report by Sky News, the pair hired a helicopter and drove “flash cars”, and “posed for photographs of themselves with wads of money, expensive watches and drinking champagne”.
They ran their scams from southeast London after obtaining thousands of business email addresses and passwords – which they used to divert payments away from legitimate companies to themselves.
Emmanuel Mmaduike: also jailed for cyber crime
Known officially as “business email compromise” (BEC), the attack involves the criminal impersonating a senior executive and attempting to convince the victim to transfer funds.
UK’s National Cyber Security Centre said BEC scams are one of the fastest growing forms of cyber crime. According to a 2017 report by networking company Cisco, cyber criminals made $5.3bn (£3.9bn) from BEC in just three years.
Mmaduike’s role was to access the victim’s email accounts and change invoices so that payments were directed to mule bank accounts run by Kashimawo.
His collaborator then laundered the cash by arranging withdrawals and international bank transfers which were carried out by other fraudsters.
The pair are believed to have carried out more than £1m of fraud and money laundering between April 2015 and November 2015, according to the NCA.
Mmaduike was jailed in March 2017 for six years and 10 months after he admitted money laundering and fraud.
He also admitted perverting the course of justice in relation to a sham marriage to a Dutch national.
On Thursday, his accomplice Kashimawo was jailed at Kingston Crown Court for six years and nine months after admitting two counts of conspiracy to commit money laundering.
The head of investigations at the NCA’s National Cyber Crime Unit (NCCU), Tony Adams, said: “UK businesses should exercise caution when authorising significant transactions – particularly if there is a last-minute change of account details.
“If in doubt speak to the intended recipient of the funds on the phone prior to making a large payment.
“Keep passwords safe and do not use the same passwords for multiple online accounts.
“The NCA and our partners are continuing to tackle business email fraud and money laundering. It is imperative victims report such compromises as soon as possible and retain all evidence.”