A significant number of Nigerian cybercriminals have been sent to prison in recent months in the United States, and some of them received lengthy sentences.

The latest is Babatunde Francis Ayeni, a Nigerian national who had been living in the UK until he was extradited to the US. On Thursday, the Justice Department announced that he received a 10-year prison sentence for a business email compromise (BEC) scheme targeting real estate transactions. 

According to authorities, Ayeni was involved in a sophisticated BEC scheme that involved phishing the email credentials of real estate agents and attorneys in the United States.

The man and his co-conspirators monitored compromised email accounts for significant real estate transactions and then instructed the party that was making the payment — by sending them an email from the hacked account — to wire the funds to an account controlled by the fraudsters.

According to the DOJ, more than 400 individuals from the US fell victim, more than half of which were unable to recover the money and lost a total of nearly $20 million. 

Two of Ayeni’s accomplices, Feyisayo Ogunsanwo and Yusuf Lasisi, have been identified and charged, but they remain at large. 

Ayeni is the second Nigerian to be given a lengthy prison sentence this month over his role in a BEC scheme targeting real estate transactions. 

Last week, the Justice Department announced that Kolade Akinwale Ojelade has been sentenced to 26 years in prison for a BEC campaign that resulted in losses totaling $12 million. Ojelade had also been living in the UK before he was extradited to the US.

The US has prosecuted many Nigerian cybercriminals in recent months. Oludayo Kolawole John Adeagbo, who was extradited from the UK in 2022, was sentenced to seven years in prison in September for his role in a multimillion-dollar BEC scheme. 

Another Nigerian citizen who was extradited from the UK to face cybercrime charges, Simon Kaura, was sentenced in September to five years in prison for selling stolen financial information on the dark web.  

Bamidele Omotosho, also extradited from the United Kingdom, received a 12-year prison sentence in July over a cybercrime scheme that involved purchasing credentials and personal information from a dark web marketplace, and using it to make fraudulent money transfers.

Ebuka Raphael Umeti, who was last year extradited from Kenya to the United States, was sentenced to 10 years in prison in early September.  His co-defendant, Franklin Ifeanyichukwu Okwonna, was sentenced at around the same time to five years and three months in prison.

Related: Four REvil Ransomware Group Members Sentenced to Prison in Russia

Related: Russian Sentenced to Prison in US for Selling Stolen Information