Modernizing Authentication — What It Takes to Transform Secure Access
The FBI and the U.S. Attorney's Office for the District of New Jersey recently announced that Osarhieme Uyi Obaygbona, 32, of Atlanta, Georgia, was convicted on June 27 of conspiracy to commit wire fraud, conspiracy to commit identity theft, and conspiracy to gain unauthorized access to protected computers. According to the statement, Chase Bank, Bank of America, ADP and Brank Bank & Trust Co. lost a total of $1.5 million as a result of Obaygbona's actions.
"In a week-long trial, the prosecution stated that Obaygbona, Marvin Hill, and Alphonsus Osuala were provided with stolen personal information by Waya Nwaki, who received them from Karlis Karklins, a Latvian national who worked with defendant Charles Umeh Chidi and others to deploy phishing websites across the Internet," writes Dark Reading's Tim Wilson. "According to court documents, Obaygbona, Nwaki, Hill, Osuala, and others used the stolen identifiers to make unauthorized withdrawals from victims’ accounts. Some of the stolen identifiers were used to create fake driver’s licenses, with which conspirators could impersonate victims at bank branches, including Chase Bank and Bank of America. The scheme also used the stolen identifiers to gain access to the victims’ online accounts, where Obaygbona, Nwaki, and Hill could view victim signatures on check images and then forge checks and withdrawal slips."
"The stolen online credentials also were allegedly used by Karklins to access payroll accounts at ADP," writes BankInfoSecurity's Tracy Kitten. "Once fake employee accounts were added to victim companies' payrolls, Karklins and others allegedly had paychecks issued to the fake employees. After the fake checks were sent, the funds were withdrawn by money mules, who authorities say were duped into thinking their acts were legitimate."
The convictions carry a maximum sentence of 50 years in prison and fines of $1 million. Sentencing is scheduled for October 17.