Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management

Just How Lucrative Are BEC Scams?

Suspect Laundered Millions, Flaunted His Wealth on Social Media, Prosecutors Say
Just How Lucrative Are BEC Scams?
Ramon Abbas, charged in connection with BEC scams, owned luxury cars and took expensive shopping trips to Paris. (Photos: Justice Department)

A Nigerian national who has been extradited to the United States allegedly laundered millions of dollars stolen in business email compromise scams, according to the Justice Department. He flaunted his lavish lifestyle on social media, prosecutors say.

See Also: Webinar | Everything You Can Do to Fight Social Engineering and Phishing

Ramon Olorunwa Abbas, 37, who also goes by the name "Ray Hushpuppi," arrived in Chicago Friday after being extradited from Dubai on a charge of conspiring to launder money. He and at least two co-conspirators allegedly ran an operation that scammed and then laundered millions of dollars from a wide net of victims, according to the U.S. Department of Justice.

"BEC is one of the most lucrative forms of cybercrime,” says Alex Guirakhoo, threat research team lead at the security firm Digital Shadows. “Although Abbas’ arrest is likely to impact operations he was directly involved in, BEC, in general, shows no sign of slowing down as long as cybercriminals can profit.”

Hushpuppi's Alleged Operation

Prosecutors offered examples of the BEC schemes. For example, they say the fraudsters stole more than $922,000 from a New York law firm in October 2019. After a BEC attack targeting a UK Premier League football club, prosecutors say, Abbas was allegedly preparing to launder at least $100 million. But the scam was never pulled off.

"The affidavit also alleges that Abbas conspired to launder funds stolen in a $15 million cyber heist from a foreign financial institution in February 2019, in which the stolen money was sent to bank accounts around the world,” according to the Justice Department. “Abbas allegedly provided a co-conspirator with two bank accounts in Europe that Abbas anticipated each would receive £5 million ($5.6 million) of the fraudulently obtained funds."

Nothing to Hide

Abbas led an opulent lifestyle that included a massive residence in Dubai, luxury cars and shopping excursions to high-end shops in Paris - and he was not shy about flaunting his wealth, prosecutors say. The Justice Department notes he had an Instagram account under the name Hushpuppi with 2.3 million followers and 500 posts, where he often put his wealth on display.

"This Instagram account included numerous publicly viewable images of a man who appeared to be Abbas, based on comparisons to photographs of Abbas in passports and other identification documents," prosecutors say.

Investigators say they were able to tie Abbas to cellphones and email accounts that were used to conduct illegal transactions because he allegedly used the alias Ray Hushpuppi on the accounts.

Law enforcement officials obtained the mobile phones of two co-conspirators and found they contained messages from various accounts using a variant of Abbas' Hushpuppi nickname, the Justice Department says.

If convicted, Abbas faces a maximum sentence of 20 years in prison.

BEC Scams a Growing Threat

In the U.S., the FBI's Internet Crime Complaint Center received more than 467,000 reports of internet-related crimes in 2019, averaging about 1,300 complaints daily, according to the report. The FBI received nearly 24,000 complaints about BEC scams last year, with a total loss of $1.7 billion and an average loss of about $72,000, according to a report issued in February (see: FBI: BEC Losses Totaled $1.7 Billion in 2019).

In recent weeks, however, federal law enforcement officials have advanced cases against alleged BEC scammers.

For example, in June, Obinwanne Okeke pleaded guilty to charges stemming from an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar (see: Nigerian Entrepreneur Pleads Guilty in $11 Million BEC Scam).

Also in June, six Nigerian nationals were indicted for their alleged involvement in business email compromise campaigns and other schemes from 2015 to 2017 that targeted U.S. businesses.

About the Author

Doug Olenick

Doug Olenick

Former News Editor, ISMG

Olenick has covered the cybersecurity and computer technology sectors for more than 25 years. Prior to his stint as ISMG as news editor, Olenick was online editor for SC Media, where he covered every aspect of the cybersecurity industry and managed the brand's online presence. Earlier, he worked at TWICE - This Week in Consumer Electronics - for 15 years. He also has contributed to, TheStreet and Mainstreet.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.