San Diego – Amil Hassan Raage pleaded guilty to fraudulently
receiving almost $750,000 as part of a spear phishing scheme. (Spear-phishing
is when an unwitting victim responds to a bogus email, which the victim
believes is from a trusted sender, and reveals confidential information to the
fraudsters.)
On July 23, 2018, the University of California San Diego
(UCSD) received a spear phishing email from a fraudulent Dell email account
instructing UCSD to redirect its payments meant for Dell equipment and services
to Raage’s Wells Fargo bank account in Minnesota. Believing that the email was from a
legitimate Dell employee, UCSD followed the instructions and redirected
payment.
The email actually originated from one of Raage’s
co-conspirators in Kenya. From August 8 through September 12, 2018, UCSD sent
Raage 28 payments totaling $749,158.37.
Each time UCSD wired money to Raage’s account, Raage would promptly
withdraw the money or transfer it to another account. When UCSD learned of the fraud, it halted
payments.
UCSD was not alone. Raage and his co-conspirators
perpetrated a similar scheme on another university, this one in Pennsylvania.
Again, a co-conspirator in Kenya used a falsified Dell account to instruct the
Pennsylvania university to redirect its Dell payments to a bank account in
Minnesota again controlled by Raage. Over the month of January 2018, the
Pennsylvania university wired six payments totaling $123,643.77 to Raage’s bank
account before the university was alerted to the fraud and stopped payments.
After the bank froze Raage’s accounts, he fled to Kenya on
September 22, 2018. Working with Kenyan law enforcement, the FBI’s Legal
Attaché in Kenya, and the Department of Justice’s Office of International
Affairs, Kenyan police arrested Raage on May 7, 2019, and extradited back to
the United States on May 23, 2019, to face prosecution for his involvement in
this theft.
“Modern criminals like Raage have ditched the ski mask and
getaway vehicle and opted for a computer as their weapon of choice,” said U.S.
Attorney Robert Brewer. “As this defendant has learned, we are matching wits
with new-age thieves and successfully tracking them down and putting an end to
their high-tech deception.”
“As exemplified by this outstanding result, criminals who
operate in cyberspace falsely believe themselves to be beyond the reach of law
enforcement, but they are sorely mistaken,” said FBI Special Agent-In-Charge
Scott Brunner. “Our agents will relentlessly pursue justice, aided by our
foreign partners. Thank you to the Kenyan National Police and the Office of
International Affairs for their invaluable assistance in bringing Mr. Raage
before the bar of justice.”
This type of spear phishing activity has been on the rise,
especially for universities, local governments and other entities with
procurement paperwork available on-line.
If you or your business or organization have been victimized
by an email compromise scam, such as this one, it is important to act quickly.
Contact your financial institution immediately and request that they contact
the financial institution where the fraudulent transfer was sent. Next, call
the FBI at 1-800-CALL-FBI and also file a complaint—regardless of dollar
loss—with the FBI’s Internet Crime Complaint Center (IC3).
Raage’s sentencing is set for 8:30 a.m. on October 11, 2019,
before U.S. District Judge Gonzalo P. Curiel.
DEFENDANT Case Number:
18CR4858-GPC
Amil Hassan Raage Age: 48
SUMMARY OF CHARGE
Conspiracy to Commit Wire Fraud, in violation of Title 18
United States Code, Sections 1349
Maximum Penalty: Twenty years in prison
AGENCIES
Federal Bureau of Investigation, San Diego Division
Kenya Police Service
Director of Public Prosecutions, Kenya
Legal Attaché, U.S. Embassy, Nairobi, Kenya
U.S. Department of Justice, Office of International Affairs
Posts
No comments:
Post a Comment