Suspected BEC gang arrested in Nigeria amid internet fraud crackdown efforts

Nigerian authorities arrested 18 suspects last week in the province of Ogun on internet fraud-related charges, including malware and business email compromise (BEC) attacks, officials told The Record today.

The suspects were arrested at the Remo Majestic Hotel in the city of Shagamu during a law enforcement operation that took place on Wednesday, March 17, 2021.

Besides the arrests, police officers also seized a large number of exotic cars, mobile phones, laptops, Wi-Fi, and modem devices, authorities said.

Recent crackdown against internet fraud groups

The arrests represent just the latest action of the Nigerian Economic and Financial Crimes Commission (EFCC) against internet fraud groups.

Nigerian authorities have increased efforts to go after internet crime groups in the past two years after pressure from law enforcement agencies abroad.

Known as "ya-ya boys" or "G-work" groups, many internet crime groups have been operating unhindered from the western African nation since the late 1990s.

Financial losses caused by these groups have skyrocketed in recent years after many gangs changed tactics from targeting individuals through classic Nigerian prince and romance scams in the 90s and 2000s to targeting the larger bank accounts of companies and government agencies with more complex malware and BEC operations in the late 2010s.

In an FBI report published last week, BEC scam attacks ranked as the top source of financial losses in internet-related crime for the third year in a row, with nearly $1.9 billion lost in 2020 alone.

According to a report published by cyber-security firm Agari in October 2020, around 50% of all BEC scam groups are believed to reside in Nigeria.

50% of the actors we located were found in Nigeria, which is probably lower than most people would have assumed. Surprisingly, a quarter of all #BEC actors were located in the US. The rest of the Top 5 were South Africa, UK, and Canada. pic.twitter.com/zAOBwgbzBN

— Crane Hassold (@CraneHassold) October 13, 2020

Its statistics like these that have pushed US and other international authorities to start targeting BEC groups and work with the EFCC to track down and arrest perpetrators, many of whom never bothered to even hide their identities, after having escaped prosecution for their crimes for almost two decades.

"EFCC has become more aggressive in recent years with arresting scammers in Nigeria," Crane Hassold, Senior Director of Threat Research at Agari told The Record today.

Past operations included:

• The arrest of 167 suspects in Nigeria in September 2019 as part of Operation reWired.
• The arrest of two brothers in November 2019.
• The arrest of the TMT gang in November 2020, a group that infected more than 50,000 organizations with malware, which they later used to carry out BEC attacks.
• The arrest in June 2020 of a famous social media influencer named Hushpuppi who made his fortune through BEC scams.
• The arrest of six other fraudsters in the same month.
• The arrest of 16, then 13, and then another 30 suspects in January 2021.
• The arrest of ten suspects in early March 2021.

But in a conversation with The Record today, Hassold said that despite the increased activity from Nigerian authorities, the arrests have yet to put a dent in the number of cybercrime operators currently active in Nigeria, which the Agari exec estimated to be in the realm of thousands.

One way in which authorities could amp up their operations would be to go after money mules —the persons or groups who act as intermediaries in the illegal money transfers— which would create a choke-point in BEC attacks by reducing the options available to transfer stolen funds, Hassold said.