Ten people have been charged by the U.S. Department of Justice in connection with corporate email breach frauds that resulted in the theft of more than $11.1 million from Medicaid, Medicare, and private health insurance programs. Hospitals were to receive the funds in exchange for delivering certain medical services. Business email compromise (BEC) schemes, which are the main source of losses from cybercrime, entail obtaining access to genuine email accounts and utilizing them to deceive those in charge of wire transfers into sending fraudulent money to attacker-controlled accounts. Between June 2016 and December 2021, over $43 billion was lost as a result of these scams, and in only 2021, the FBI Internet Crime Complaint Center received complaints of losses totaling approximately $2.4 as a result of BEC scams.
The arrests were connected to many frauds using compromised hospital email accounts. The suspected perpetrators of these attacks sent emails asking adjustments to the bank account information that will be used for any future payments. Money mules had just opened the accounts, and they planned to take the money out when the transfers were completed. After that, the money was cleaned up using phony names, stolen identities, and shell companies. The money was sent abroad, where it was spent on designer products and expensive cars. Two Medicare Administrative Contractors, two commercial health insurers, and five state Medicaid programs were deceived into altering the payment’s bank account information. Recently, 7 people were charged in relation to these frauds, all of which were South Carolina and Georgia citizens. These include Biliamin Fagbewesa, age 31, from Columbia, South Carolina; Patrick Ndong-Bike, age 32; Desmond Nkwenya, age 35; Cory Smith, age 29; Chisom Okonkwo, age 26; Olugbenga Abu, age 45; and Trion Thomas, age 50; all from Atlanta, Georgia.
More than $4.7 million in losses were incurred by Medicare, Medicaid, and commercial health insurers, and $6.4 million in losses were incurred by federal government agencies, private businesses, and individual taxpayers. If found guilty, nine of the accused may get sentences of 20 or 30 years of imprisonment. Adewale Adesanya, one perpetrator of the scams, entered a plea of guilty to conspiracy to commit money laundering and use of a fraudulent passport, after it was found that he was laundering more than $1.5 million from the BEC scams that targeted Medicaid, the Small Business Administration (SBA), the IRS, a private corporation, and two elderly romance scam victims. The scammer received a 4-year prison term on September 15, 2022.