The Central Bureau of Investigation has booked a Nigerian national, who was earlier arrested for his role in hacking into the email accounts of two senior agency officials, for allegedly using two forged Indian visas to stay in the country. The CBI had zeroed in on Emmanuel Amaechi Esonwanne during the probe into the email hacking, through which phishing mails were sent.
During a search at Esonwanne’s premises, the agency seized a passport which carried two Indian visas. The first was purportedly issued in August 2011 for the purpose of medical treatment at a Delhi hospital, while the other was shown to have been granted in March 2015 under the student category.
The passport carried an Indian immigration stamp dated November 10, 2011, and another of the Murtala Muhammed International Airport (Nigeria) on August 28, 2011.
The CBI cross-checked through the External Affairs Ministry and found that both the visas were forged. Esonwanne’s friend and his lawyer also could not provide his valid travel documents.
The previous case, in which Esonwanne was arrested, was registered on November 11, 2019. It was alleged that on August 6, 2018, as many as 27,548 emails were sent from the official email account of the then Delhi branch head of the CBI’s Anti Corruption-1 unit. The phishing mails carried the subject “service needed”.
The account was deactivated by the National Informatics Centre’s automated system, as it detected suspicious activities. As it turned out, the email account was illegally accessed via devices, whose IP addresses were located to Uttarakhand’s Dehradun and Houston in the United States. The agency was also able to detect the mobile phone number used to access the domain used by the CBI.
In the early hours of May 17, 2018, a similar incident was reported when 33,791 phishing mails were sent through the email account of another official. That CBI account was also deactivated. IP address of the device employed to hack the system was traced to Shimla in Himachal Pradesh. A mobile number used to access the domain was also detected.