Christian Akhatsegbe, 36, from Atlanta, Georgia, has been sentenced to seven years and three months in prison for cyber-fraud, wire and computer fraud conspiracy, access device fraud, and aggravated identity theft.
The crimes were committed in a multi-million-dollar cyber-fraud scheme that was carried out through phishing emails, credential harvesting, and invoice fraud. Akhatsegbe’s brother, Emmanuel Aiye Akhatsegbe, who is believed to reside in Nigeria, was also charged in the scheme but remains a fugitive.
Christian Akhatsegbe, who was convicted of these charges on April 12, 2022, after pleading guilty, was also ordered to pay restitution of $2,001,083.45.
According to U.S. Attorney Ryan K. Buchanan, between approximately August 2019 and November 2020, Christian Akhatsegbe, his brother, and others, engaged in spear phishing, credential harvesting, and business email compromise schemes.
They sent phishing emails to employees of companies and agencies in the United States and the United Kingdom using stolen SendGrid email marketing accounts, stole and harvested employee access credentials on computer servers, used the stolen credentials to access the victims’ computers, and then sent fraudulent invoices to victims requesting payment of funds to bank accounts in Hong Kong.
In addition to the cyber-fraud scheme, Christian Akhatsegbe also engaged in hundreds of thousands of dollars of COVID-19-related loan fraud.
Using stolen identities, he submitted 40 fraudulent applications for COVID-19 Economic Injury Disaster loans between July 2020 and September 2020, with the U.S. Small Business Administration approving loans in the amount of $220,700.
The case was investigated by the Federal Bureau of Investigation, with assistance from Microsoft Corporation’s Digital Crimes Unit and the City of London Police in the United Kingdom. Akhatsegbe’s crimes illustrate the far-reaching scope of cybercrime and the importance of international cooperation in apprehending and prosecuting cyber-criminals.
