Business Email Compromise (BEC) , Fraud Management & Cybercrime
US Law Enforcement Arrests 4 for Business Email CompromiseDefendants Allegedly Obtained More Than $5.4 Million From Businesses They Duped
U.S. federal law enforcement arrested four members of a business email conspiracy and credit card fraud ring, alleging they collectively tricked legitimate businesses into enriching them by $9.2 million.
See Also: The Business Email Compromise Handbook
The charges against the four accused men - three residents of California and one of Nevada - include conspiracy to commit wire fraud and bank fraud, money laundering, engaging in a conspiracy to committee wire fraud and money laundering, as well as aggravated identity theft. If found guilty on all counts, they face a potential cumulative sentence of 122 years in prison.
Joel Zubaid, 55, Julian Rebiga, 55, David Goran, 56 and Martin Mizrahi, 51, allegedly carried out at least three fraudulent schemes between April and June 2021, a grand jury indictment states.
As a result of their business email compromise efforts, the defendants allegedly obtained more than $5.4 million from businesses duped into believing they were legitimately corresponding with a business contact. In one case, according to the indictment, conspirators obtained access to the business email account of a chief financial officer of a community development corporation. In another, they obtained access to the business email account of an employee of a company owned by a private equity fund.
They attempted to launder the funds by moving them into other bank accounts and cryptocurrency wallets under their control.
The FBI earlier this year warned the private sector that business email compromise - whether through account compromise or impersonation - is a growing threat. Businesses across the globe lost $43 billion between June 2016 and December 2021 to business email compromise, the FBI said. Losses skyrocketed by 65% between July 2019 and December 2021.
A bank froze two of the co-conspirators' accounts and sought to retrieve funds sent by one defendant to another. "The defendants made multiple attempts to retain or recover control over the funds by lying to the banks about the purpose of the transfers," the Department of Justice wrote in a statement touting the arrests.
Defendants also allegedly rigged point-of-sale machines controlled by Mizrahi and Rebiga's companies to charge more than $3.8 million using stolen credit card information, without the authorization or consent of the card holders.