The term “scam artist” just took on a whole new meaning. On Monday, Interpol announced that it had arrested a man referred to only as “Mike,” a 40-year-old Nigerian man who allegedly, using the internet alone, managed to swindle more than $60 million United States dollars all told from people and businesses around the world. One-fourth of that jackpot — $15.4 million — came from one individual.
This mysterious “Mike” may indeed be loathsome and sociopathic, but it’s hard to not be impressed by his feats. (Say it with me, now: sixty million dollars.) Interpol explains that he was not acting alone, though he was the ringleader and mastermind: “Mike” had a transnational team of around 40 fellow criminals working to appropriate funds. Malware and email fraud were the cybercriminals’ chosen tools.
One method involved “Mike” or one of his cohorts seizing control of a target business’s email account. The infiltrator would then identify incoming payments and surreptitiously instruct the payer to send the funds to a controlled, private bank account. The other method is called CEO fraud. In short, “Mike” or an underling would — again by way of email account penetration — pose as a CEO or another top dog. Then, under the guise of this authority, “Mike” et al. would ask a lowly employee to wire money to some outside account for some purpose. The lowly employee, being a lowly employee, would do as he or she had been told. Unbeknownst to him or her, this “outside account” would be under criminal control, and the vague purpose would be entirely fictitious.
Interpol charged “Mike” and another associate with conspiracy, hacking, and “obtaining money under false pretenses.” Interpol recommends that businesses diligently practice two-step verification in all transactions to avoid such criminal artistry.