There’s an update to a previously reported case:
ATLANTA – Christian Akhatsegbe has been sentenced for wire and computer fraud conspiracy, access device fraud, and aggravated identity theft related to a multi-million-dollar cyber-fraud scheme perpetrated through email phishing, credential harvesting, and invoice fraud. His brother, Emmanuel Aiye Akhatsegbe, who is believed to be residing in Nigeria, was also charged in the scheme and remains a fugitive.
“The far-reaching scope of this defendant’s criminal conduct is astonishing,” said U.S. Attorney Ryan K. Buchanan. “Hiding behind several aliases, Christian Akhatsegbe and his conspirators stole employee credentials, unlawfully accessed computers, and attempted to scam companies out of more than 12 million dollars. And not content to limiting his criminal conduct to these schemes, Akhatsegbe also engaged in hundreds of thousands of dollars of COVID-19-related loan fraud. The relentless efforts of determined corporate-law enforcement partnerships, in conjunction with excellent investigative work across the globe, exposed Akhatsegbe’s crimes and he will now serve a sentence in federal prison as well as pay restitution to his victims.”
“Operation Dark Nimbus is a perfect example of how the FBI won’t let geographic boundaries stop us from pursuing and prosecuting anyone who inflicts tremendous financial pain to U.S. citizens,” said Keri Farley, Special Agent in Charge of FBI Atlanta. “These criminals felt like they were safe hiding behind their computers and aliases. Hopefully this sentence and the ultimate capture of Emmanuel sends a message to anyone who thinks they can prey on our citizens and get away with it.”
According to U.S. Attorney Buchanan, the charges and other information presented in court: Between approximately August 2019 through November 2020, Christian Akhatsegbe, together with his brother, Emmanuel Aiye Akhatsegbe, and others, engaged in spear phishing, credential harvesting, and business email compromise schemes, which involved sending phishing emails to employees of companies and agencies in the United States and the United Kingdom using stolen SendGrid email marketing accounts, stealing and harvesting the employee access credentials on computer servers, using the stolen credentials to access the victims’ computers, and then sending fraudulent invoices to victims requesting payment of funds to bank accounts in Hong Kong.
In November 2019, for example, an employee of a company in the United Kingdom received a phishing email, which resulted in their credentials being logged, stolen, and later stored on a computer server that was accessed and maintained by Christian Akhatsegbe and his conspirators. Using the stolen credentials, the conspirators sent an email to another employee of the company that appeared to originate from one of the company’s vendors. The email attached a fraudulent invoice in the amount of $434,383.45 with wiring instructions to a bank in Hong Kong. The victim company later paid the fraudulent invoice and wired the funds to Hong Kong.
Similarly, in December 2019, using credentials stolen from a Massachusetts victim company employee, Christian Akhatsegbe and his conspirators sent an email to another employee of the company that appeared to originate from one of the company’s vendors. The email attached a fraudulent invoice in the amount of $498,000 and requested that the victim send payment to a bank in Hong Kong. The victim paid the invoice, together with a second invoice in the same amount, wiring a total of $996,000 to a bank account in Hong Kong.
In January and April 2020, Christian Akhatsegbe and his conspirators perpetrated a similar scheme against two other United Kingdom-based companies, sending fraudulent invoices in the amount of $498,000 and $980,000, respectively. But these victim companies recognized the invoices as fraudulent and did not remit payment. In total, the conspirators sent victim companies fraudulent invoices in the amount of $12,861,290.59. Of this amount, victims paid invoices in the total amount of $2,268,329.69.
The investigation further revealed that Christian Akhatsegbe utilized stolen identities to submit 40 fraudulent applications for COVID-19 Economic Injury Disaster loans in the amount of $2,905,100 during the time period of July 2020 to September 2020. The U.S. Small Business Administration in turn approved loans in the amount of $220,700.
Christian Akhatsegbe, 36, of Atlanta, Georgia, has been sentenced to seven years, three months in prison to be followed by three years of supervised release, and ordered to pay restitution in the amount of $2,001,083.45. Akhatsegbe was convicted on these charges on April 12, 2022, after he pleaded guilty.
This case was investigated by the Federal Bureau of Investigation. Valuable assistance has also been provided by Microsoft Corporation’s Digital Crimes Unit and the City of London Police in the United Kingdom.
Assistant U.S. Attorney Michael Herskowitz and Natalie Tecimer, Trial Attorney of the Department of Justice, Criminal Division, Computer Crime & Intellectual Property Section, prosecuted the case.
On May 17, 2021, the Attorney General established the COVID-19 Fraud Enforcement Task Force to marshal the resources of the Department of Justice in partnership with agencies across government to enhance efforts to combat and prevent pandemic-related fraud. The Task Force bolsters efforts to investigate and prosecute the most culpable domestic and international criminal actors and assists agencies tasked with administering relief programs to prevent fraud by, among other methods, augmenting and incorporating existing coordination mechanisms, identifying resources and techniques to uncover fraudulent actors and their schemes, and sharing and harnessing information and insights gained from prior enforcement efforts. For more information on the Department’s response to the pandemic, please visit https://www.justice.gov/coronavirus.
Anyone with information about allegations of attempted fraud involving COVID-19 can report it by calling the Department of Justice’s National Center for Disaster Fraud (NCDF) Hotline at 866-720-5721 or via the NCDF Web Complaint Form at: https://www.justice.gov/disaster-fraud/ncdf-disaster-complaint-form.
For further information please contact the U.S. Attorney’s Public Affairs Office at [email protected] or (404) 581-6016. The Internet address for the U.S. Attorney’s Office for the Northern District of Georgia is http://www.justice.gov/usao-ndga.