Olumide Ogunremi, a Nigerian national, was sentenced Wednesday to three years in prison for his role in a hacking operation aimed at U.S. government employees, the Department of Justice announced Wednesday.
Ogunremi, along with other alleged co-conspirators, targeted government employees with spoofed email pages that imitated U.S. government agencies’ email systems in order to steal their access credentials, prosecutors said. After government personnel visited the pages and fell for the trick, the fraudsters used the stolen usernames and passwords to then fraudulently order office products from General Services Administration vendors, according to the DOJ.
The operation, which lasted from approximately July 2013 through December 2013, convinced government vendors to send office products, such as printer toner cartridges, to New Jersey. The products would then be repackaged and shipped overseas to locations controlled by Ogunremi and co-conspirators, the Justice Department said.
In some cases, the co-conspirators leveraged web pages that imitated the U.S. Environmental Protection Agency to dupe targets, according to court documents.
The scheme ultimately defrauded vendors of nearly $1 million worth of office products, prosecutors said.
Hackers frequently spoof legitimate websites to steal victim credentials or information. Last week, the DOJ announced charges against two Russian nationals for allegedly tricking victims into sharing usernames and passwords on fake websites, for example. The most popular websites that credential-stealing criminals have been imitating lately include Wells Fargo, Netflix, Facebook, Microsoft, according to research from Palo Alto Networks.
U.S. District Judge Susan B. Wigenton has ordered Ogunremi to pay restitution of $68,618.
Ogunremi was originally indicted in 2018 and has pleaded guilty to one count of conspiracy to commit wire fraud. You can read the original indictment below.