Two men who were citizens of Nigeria, living in Malaysia, and conducting their crimes from behind computers likely assumed they were safe from the reach of American law enforcement when they hacked into university computer systems to steal paychecks and tax returns.
But through strong partnerships with the Georgia Institute of Technology (Georgia Tech), the Department of Justice, and Malaysian authorities, the FBI was able to identify, arrest, and extradite Olayinka Olaniyi and Damilola Soloman Ibiwoye to face charges of conspiracy to commit wire fraud, computer fraud, and aggravated identity theft.
Ibiwoye pleaded guilty and was sentenced to 39 months in prison. Olaniyi was convicted by a federal jury and is spending nearly six years in jail.
The sophisticated operation led by Olaniyi and Ibiwoye, who were living in Kuala Lumpur, specifically targeted U.S. colleges and universities, reported Special Agent Tyson Fowler from the FBI’s Atlanta Field Office. “We found their computer folders with documents showing efforts to phish employees at 130 to 140 schools,” Fowler said. “They would steal a logo and do the work to make it look legitimate.”
The duo sent fraudulent emails to personnel at these institutions in an attempt to gain system credentials. These phishing messages appeared official but they took unsuspecting recipients to fraudulent sites that allowed the criminals to record user names and passwords. Armed with this information, the hackers could then enter the official school systems and use the stolen credentials to reroute employees’ paychecks and access financial documents. Fowler says the hackers were successful in obtaining access at about 20 schools.
When Olaniyi and Ibiwoye infiltrated Georgia Tech, however, the quick action of the university’s information security team was key to uncovering the identity and methods of the criminals and putting an end to their efforts.