BEC Hotshot with Opulent Social Media Presence to Face U.S. Charges

A Dubai resident with an elaborate lifestyle that he touted on social media – think designer clothes, expensive watches, luxury cars and charter jets – has arrived in the United States to face criminal charges. He is charged with conspiring to engage in money laundering, as part of a business email compromise (BEC) and general fraud effort.

According to an FBI affidavit filed in U.S. District Court, the Nigerian national, known as Ramon Olorunwa Abbas, allegedly conspired to launder hundreds of millions of dollars from BEC and other scams. According to the FBI, his campaigns targeted a New York law firm, a foreign bank and an English Premier League soccer club.

In BEC scams, attackers can leverage compromised or spoofed accounts to request fraudulent wire transfers, redirect an employee’s paycheck or steal sensitive information housed within inboxes. In 2019 alone, the FBI recorded $1.7 billion in losses by companies and individuals victimized through BEC scams – and the trend shows no sign of abating.

“BEC schemes are one of the most difficult cybercrimes we encounter as they typically involve a coordinated group of con artists scattered around the world who have experience with computer hacking and exploiting the international financial system,” said United States Attorney Nick Hanna, in a statement.

The FBI believes that Abbas, a.k.a. “Ray Hushpuppi” and “Hush,” is one of the leaders of a transnational network that facilitates computer intrusions, BEC and other fraud and money laundering, targeting victims around the world in conjunction with “multiple co-conspirators.”

In the case of the law firm, iPhone messages found on one of the co-conspirator’s devices offers alleged evidence that Abbas and the others in the gang conducted a successful BEC scheme that defrauded a U.S. client of the firm out of nearly $1 million dollars ($922,857.76), the FBI said. Abbas and co-conspirators allegedly tricked one of the law firm’s paralegals into wiring money intended for the client’s real-estate refinancing to a bank account that was controlled by Abbas and the co-conspirators.

In the foreign bank case, the FBI alleges that Abbas conspired to launder funds stolen in a $14.7 million cyber-heist in February 2019, in which part of the stolen money (about $5.6 million) was sent to bank accounts around the world.

Another allegation is that Abbas and co-conspirators schemed to steal approximately $124 million from an (unspecified) English Premier League soccer club.

These and other ongoing efforts helped Abbas amass “significant wealth” according to the FBI, judging from his postings on social media sites like Instagram.

“For example…Abbas posted a photograph of a white Rolls Royce Cullinan that included the hashtag ‘#AllMine,'” according to the FBI’s affidavit. Similarly, “Abbas [also] posted a photograph of himself in front of two vehicles, one of which he described as his new Rolls Royce Wraith. Based on review of publicly available pricing information, the starting price for each of these vehicles is approximately $330,000.”

Meanwhile, on numerous occasions, Abbas posted photos of himself wearing items and/or holding shopping bags from luxury stores such as Gucci, Louis Vuitton, Channel, Versace, Fendi and others. He also posted selfies with private jets as background. He apparently flew those jets to various world capitals, with other pictures showing him in Paris, Dubai and other destinations.

“The FBI’s investigation has revealed that Abbas finances this opulent lifestyle through crime, and that he is one of the leaders of a transnational network that facilitates computer intrusions, fraudulent schemes (including BEC schemes), and money laundering, targeting victims around the world in schemes designed to steal hundreds of millions of dollars,” according to the affidavit.

Abbas was arrested last month by United Arab Emirates law-enforcement officials, and now has been extradited to the U.S. FBI special agents earlier this week obtained custody of Abbas and brought him to the United States. He is expected to be transferred to Los Angeles soon. If convicted of conspiracy to engage in money laundering, Abbas would face a statutory maximum sentence of 20 years in federal prison.

“This case targets a key player in a large, transnational conspiracy who was living an opulent lifestyle in another country while allegedly providing safe havens for stolen money around the world,” Hanna said. “As this case demonstrates, my office will continue to hold such criminals accountable, no matter where they live.”

_BEC and enterprise email fraud is surging, but DMARC can help – if it’s done right. On July 15 at 2 p.m. ET, join Valimail Global Technical Director Steve Whittle and Threatpost for a _FREE webinar_, “DMARC: 7 Common Business Email Mistakes.” This technical “best practices” session will cover constructing, configuring, and managing email authentication protocols to ensure your organization is protected. _Click here to register_ for this Threatpost webinar, sponsored by Valimail._