The U.S. Department of Justice has charged 10 individuals over business email compromise scams that have resulted in more than $11.1 million being defrauded from Medicaid, Medicare, and private health insurance programs. The payments were intended for hospitals for providing covered medical services.
Business email compromise (BEC) scams involve gaining access to legitimate email accounts and using them to trick individuals responsible for wire transfers into making fraudulent payments to attacker-controlled accounts and these scams are the biggest cause of losses to cybercrime. According to the FBI, more than $43 billion was lost to these scams between June 2016 and December 2021, and in 2021 alone, the FBI Internet Crime Complaint Center received reports of losses of $2,395,953,296 to BEC scams.
The arrests were related to a series of scams that spoofed hospital email accounts. The individuals allegedly involved in these attacks sent emails requesting changes be made to the bank account details on file for all future payments. The accounts had been recently set up by money mules, who would withdraw the funds once the transfers had been made. The money was then laundered through false and stolen identities and shell companies. The funds were transferred overseas and were used to purchase luxury goods and exotic automobiles. Five state Medicaid programs, two Medicare Administrative Contractors, and two private health insurers were tricked into changing the bank account details for payments.
7 individuals were recently charged in connection with these scams, all of whom were residents of Georgia and South Carolina – Biliamin Fagbewesa, 31, of Columbia, South Carolina, Patrick Ndong-Bike, 32, Desmond Nkwenya, 35, Cory Smith, 29, Chisom Okonkwo, 26, and Olugbenga Abu, 45, of Atlanta, Georgia, and Trion Thomas, 50, of Stone Mountain, Georgia. The other three individuals – Malachi Mullings, 29, of Sandy Springs, Georgia, Adewale Adesanya, 39, of Jonesboro, Georgia, and Sauveur Blanchard Jr., 49, of Richmond, Virginia – had previously been charged over their money laundering activities.
Medicare, Medicaid, and private health insurers suffered losses of more than $4.7 million, and $6.4 million in losses were caused to federal government agencies, private companies, and individuals. 9 of the defendants face maximum jail terms of 20 or 30 years if convicted. Adewale Adesanya pleaded guilty to conspiracy to commit money laundering and use of a fake passport, having laundered more than $1.5 million from the BEC scams targeting Medicaid, the Small Business Administration (SBA), the IRS, a private company, and two elderly romance scam victims. He was sentenced to 4 years in jail on September 15, 2022.
“These allegations depict a brazen effort to siphon monies, in part, from essential health care programs to instead fund personal gain,” said Deputy Inspector General for Investigations Christian J. Schrank of the U.S. Department of Health and Human Services Office of Inspector General (HHS-OIG). “A top concern of HHS-OIG is the integrity of programs such as Medicare and Medicaid, so it is an utmost priority to pursue individuals who financially exploit them. This coordinated action is a prime example of the commitment that HHS-OIG and our law enforcement partners have to defending the federal health care system against fraud.”
The post 10 Charged Over BEC Scams Targeting Medicare, Medicaid, and Private Insurance Programs appeared first on HIPAA Journal.