Christian Akhatsegbe has been arraigned on federal charges of wire and computer fraud conspiracy, access device fraud, and aggravated identity theft related to a multi-million-dollar cyber-fraud scheme allegedly perpetrated through email phishing, credential harvesting, and invoice fraud. Emmanuel Aiye Akhatsegbe, who is believed to be residing in Nigeria, was also charged in the scheme.
“The scope of the defendants’ alleged fraudulent conduct is extraordinary,” said Acting U.S. Attorney Kurt R. Erskine. “The indictment in this case results from the tireless work of federal law enforcement and the valuable cooperation of corporate investigators and agency victims. These federal charges also serve as a reminder to those perpetrating cyber and fraud schemes, whether it be from Atlanta or any corner of the globe.”
“This case is an example of our persistent determination to hold criminals accountable no matter how sophisticated their cyber fraud or their geographic location,” said Chris Hacker, Special Agent in Charge of FBI Atlanta. “This indictment would not have been possible without the hard work and cooperation of our federal law enforcement and private sector partners. The FBI would like to remind businesses to remain diligently alert to potential email compromises and fraud schemes.”
According to Acting U.S. Attorney Erskine, the charges, and other information presented in court: Christian Akhatsegbe, Emmanuel Aiye Akhatsegbe, and their conspirators allegedly engaged in a scheme that involved sending phishing emails to victim companies and organizations in the United States and Europe, stealing employee access credentials, and then harvesting the credentials on computer servers. Some of the phishing emails contained a link to a webpage that was designed to resemble a login page for Microsoft Office but actually captured email account credentials. Using the stolen credentials, Christian Akhatsegbe, Emmanuel Aiye Akhatsegbe, and their conspirators then allegedly sent emails to other employees at the victim companies and organizations. The emails contained fake invoices that requested payment of hundreds of thousands of dollars into bank accounts connected to the conspirators.
As an example of this scheme, the indictment alleges that in November 2019, an employee of a company in the United Kingdom received a phishing email, which resulted in their credentials being logged, stolen, and later stored on a computer server that was allegedly accessed and maintained by Christian Akhatsegbe, Emmanuel Aiye Akhatsegbe, and their conspirators. Using the access credentials stolen from the employee, the conspirators allegedly sent an email to another employee of the company, which appeared to originate from one of the company’s vendors. The email attached a fraudulent invoice in the amount of $434,383.45 with wiring instructions to a bank in Hong Kong. The victim company later paid the fraudulent invoice and wired the funds to Hong Kong.
In another instance, in December 2019, using credentials stolen from a Massachusetts victim company employee, Christian Akhatsegbe, Emmanuel Aiye Akhatsegbe, and their conspirators allegedly sent an email to another employee of the company, which appeared to originate from one of the company’s vendors. The email attached a fraudulent invoice in the amount of $498,000 and requested that the victim send payment to a bank in Hong Kong. The victim paid the invoice, together with a second invoice in the same amount, wiring a total of $996,000 to a bank account in Hong Kong.
Christian Akhatsegbe, 35, of Atlanta, Georgia, and Emmanuel Aiye Akhatsegbe, 46, of Lagos, Nigeria, were indicted by a federal grand jury on October 26, 2021. Members of the public are reminded that the indictment only contains charges. The defendants are presumed innocent of the charges and it will be the government’s burden to prove the defendants’ guilt beyond a reasonable doubt at trial.
This case is being investigated by the Federal Bureau of Investigation. Valuable assistance has also been provided by Microsoft Corporation’s Digital Crimes Unit.
Assistant U.S. Attorney Michael Herskowitz, Chief of the Cyber and Intellectual Property Crimes Section, is prosecuting the case together with attorneys from the Department of Justice, Criminal Division, Computer Crime & Intellectual Property Section.
For further information please contact the U.S. Attorney’s Public Affairs Office at [email protected] or (404) 581-6016. The Internet address for the U.S. Attorney’s Office for the Northern District of Georgia is http://www.justice.gov/usao-ndga.