A Nigerian, Olumide Ogunremi who lived in the Newark area of the United States has been arrested for running a computer hacking and identity theft scheme that ordered about $1 million in office products after stealing personal information from U.S. government workers, federal officials said.
Ogunremi, who also went by “Tony Williams,” faces up to 20 years in prison if convicted of a single count of wire fraud, the U.S. Attorney’s Office for New Jersey said in a statement.
He was docked in a Federal court on Thursday and pleaded not guilty to one count of conspiracy to commit wire fraud.
According to a report by nj.com Ogunremi and his cohorts tricked employees of the U.S. Department of Environmental Protection and the U.S. Department of Commerce into divulging their usernames and passwords by creating fake websites and sending phony emails that mimic legitimate government sites and email addresses, authorities said.
They then used the stolen credentials to place fraudulent orders for office products – mainly printer toner cartridges – from vendors authorized to do business with government agencies.
Ogunremi and his partners had their orders delivered to associates in New Jersey where the goods would be repackaged and shipped to Nigeria to be re-sold on the black market.
The scam operated for about six months in 2013.
Ogunremi, who fled to Canada, was extradited to the United States on Sept. 26 and charged two days later. He is being held in New Jersey without bail.
One of Ogunremi’s co-conspirator’s, Abiodun Adejohn, previously pleaded guilty to one count of wire fraud conspiracy, and was sentenced to three years in prison in May 2015.
Phishing attacks are the most common form of cyberattacks faced by the federal government. Pentagon email systems, for example, thwart some 36 million phishing-related emails each day.
In recent months, agencies have taken a proactive approach, alerting the public of potential phishing schemes before they blow up. In August, the IRS publicized a phishing scheme where fraudsters had created a website similar to IRS.gov in hopes of spreading malware to taxpayers.
In June, the Cybersecurity and Infrastructure Security Agency warned the public that bad actors were purporting to send notification from the cyber agency in another effort to spread malware.