At least five Nigerians have been charged in New York by the U.S. Justice Department for various internet scams, running into about $4.5million.
One of the Nigerians, Charles Onus was arrested in San Francisco on 14 April, for payroll hacking, in which he stole nearly $1million.
The other four Nigerians were charged, along with two others now at large, with romance scams and using shell companies to launder over $3.5 Million in funds from victims of romance fraud schemes.
Mentioned in the charge were ABUCHI SHEDRACH FELIX, OLUWATOMIWA AKINTOLA, GREGORY OCHIAGHA, and OLANREWAJU AJIBOLA.
NADINE JAZMINE WADE and HABIBA FAGGE, also charged are not Nigerians.
Charles Onus was presented Wednesday in Manhattan federal court before Magistrate Judge Sarah L. Cave. The case is assigned to U.S. District Judge Paul G. Gardephe.
In the complaint against him, Onus was accused of running a scheme to conduct cyber intrusions of multiple user accounts maintained by a company that provides human resources and payroll services to employers across the United States, in order to steal payroll deposits.
Manhattan U.S. Attorney Audrey Strauss said: “Charles Onus allegedly participated in a scheme that stole nearly $1 million by hacking into a payroll processing company’s system to access user accounts and divert payroll to prepaid debit cards he controlled.
As alleged, Onus did this as effectively as someone who commits bank burglary, but with no need for a blowtorch or bolt-cutters. Thanks to the FBI and IRS-CI, Onus is in custody and facing serious federal charges.”
The unsealing of the indictment against the other four Nigerians was announced by Audrey Strauss, United States Attorney for the Southern District of New York, Patrick J. Freaney, Deputy Special Agent in Charge of the New York Field Office of the United States Secret Service (“USSS”), and Jonathan D. Larsen, Special Agent in Charge of the New York Office of the Internal Revenue Service.
They were all charged with conspiracy to commit money laundering, in connection with their involvement in laundering millions of dollars in proceeds derived from romance fraud schemes.
FELIX, AKINTOLA, and AJIBOLA were arrested Tuesday at Newark Liberty International Airport in Newark, New Jersey.
OCHIAGHA was arrested Wednesday in the Bronx.
FELIX, AKINTOLA, AJIBOLA, and OCHIAGHA were presented in Manhattan federal court on Wednesday before U.S. Magistrate Judge Sarah L. Cave.
ABUCHI SHEDRACH FELIX, 29, of Newark, New Jersey, NADINE JAZMINE WADE, 28, of the Bronx, New York, OLUWATOMIWA AKINTOLA, 27, of Brooklyn, New York, GREGORY OCHIAGHA, 55, of the Bronx, New York, HABIBA FAGGE, 24, of Towson, Maryland, and OLANREWAJU AJIBOLA, 36, of Newark, New Jersey, were each charged with one count of conspiracy to commit money laundering, in violation of 18 U.S.C. § 1956(h).
The offence carries a maximum sentence of 20 years in prison.
Manhattan U.S. Attorney Audrey Strauss said: “As alleged, the conspirators preyed on the emotions of their numerous online romance fraud victims to fleece the victims out of millions of dollars. Thanks to the Secret Service and IRS Criminal, the defendants have dates in court to face federal charges.”
USSS Deputy Special Agent-in-Charge Patrick J. Freaney said: “Cyber enabled romance schemes continue to harm innocent and unsuspecting people, and the U.S. Secret Service remains committed to investigating those who perpetuate these acts. In this instance, the conspirators allegedly utilized online aliases and created shell companies in furtherance of their scheme to defraud.
Through a collaborative investigative effort by the Secret Service, the Internal Revenue Service, and the New York City Police Department Financial Crimes Task Force, the accused will answer the charges brought against them in the Southern District of New York”.
IRS-CI Special Agent in Charge Jonathan D. Larsen said: “The arrests of the alleged perpetrators of this $3.5 million scheme deal a death blow to the vast criminal activity in which the defendants were allegedly engaged.
“IRS Criminal Investigation will continue to aggressively pursue those who profit from illegal activity and ensure they are brought to justice.”
According to the allegations in the Complaint:
Using online aliases, the defendants’ co-conspirators contacted victims on various dating sites, and convinced those victims, under false pretenses, to transfer funds to the defendants and others.
One online alias used in the schemes frequently employed the names “Diego Francisco,” “Richard Francisco,” or “Tom Francisco” (the “Francisco Alias”).
The conspirators used online photos of a male model when providing victims with photos of the Francisco Alias. After engaging in conversation with the victims via phone, text, and email, the conspirators, posing as the Francisco Alias, would ask victims for money.
The reason offered for why the Francisco Alias needed money could vary. In one version of the scheme, the Francisco Alias was supposedly an architect who had traveled to Dubai and needed funds in order to receive several million dollars in payment.
In another version of the scheme, the Francisco Alias supposedly worked on an oil rig and needed funds to repair the rig. The Francisco Alias would then instruct the victims to transfer funds to bank accounts controlled by the defendants.
The means of transfer varied. For example, in some cases, the Francisco Alias instructed victims to obtain cashier’s checks or money orders made payable to one of the defendants’ companies and then either mail the check to the conspirators – at addresses that included one in the Bronx – or to deposit the cashier’s check directly into a bank account held in the name of one of the defendants’ companies.
The Francisco Alias would instruct the victims to send him photographs of any cashier’s checks and any mailing labels.
Each of the defendants created a shell company and opened bank accounts in the name of his or her respective shell company (the “Shell Company Accounts”).
The Shell Company Accounts received funds from victims of the romance fraud scheme described above and rapidly depleted those funds through cash withdrawals, cashier’s checks, and the purchase of vehicles, among other means.
The Shell Company Accounts received over $4.5 million between in or about 2018 and 2020, over $3.5 million of which came from victims of the romance fraud scheme.
Allegations against Charles Onus
According to allegations in the Indictment filed in federal court:
From at least in or about July 2017 through at least in or about 2018, ONUS participated in a scheme to conduct cyber intrusions of multiple user accounts maintained by a company that provides human resources and payroll services to employers across the United States (the “Company”), in order to steal payroll deposits processed by the Company.
During the course of the scheme, unauthorized access was obtained to over 5,500 Company user accounts through a cyber intrusion technique referred to as “credential stuffing.” During a credential stuffing attack, a cyber threat actor collects stolen credentials, or username and password pairs, obtained from other large-scale data breaches of other companies. The threat actor then systematically attempts to use those stolen credentials to obtain unauthorized access to accounts held by the same user with other companies and providers, to compromise accounts where the user has maintained the same password.
After ONUS successfully gained unauthorized access to a Company user account, he changed the bank account information designated by the user of the account so that ONUS would receive the user’s payroll to a prepaid debit card that was under ONUS’s control.
From at least in or about July 2017 through at least in or about 2018, at least approximately 5,500 Company user accounts were compromised and more than approximately $800,000 in payroll funds were fraudulently diverted to prepaid debit cards, including those under the control of ONUS. The compromised Company user accounts were associated with employers whose payroll was processed by the Company, including employers located in the Southern District of New York.
ONUS, 34, was charged with one count of computer fraud for causing damage to a protected computer, which carries a maximum sentence of 10 years in prison.
He was also charged with one count of computer fraud for unauthorised access to a protected computer to further intended fraud, and one count of receipt of stolen money.
Each of the offence carries a maximum sentence of five years in prison.
Onus also faces one count of wire fraud, which carries a maximum sentence of 20 years in prison; and one count of aggravated identity theft, which carries a mandatory sentence of two years in prison to be served consecutively to any other sentence imposed.