A Nigerian man accused of using an email phishing scheme to steal login information from government employees appeared in federal court Thursday.

According to the September 28 indictment, Olumide Ogunremi and other conspirators employed phishing attacks in 2013 to trick a number of employees at the Environmental Protection Agency and the Commerce Department into providing their usernames and passwords. The hacking ring created fake but realistic-looking emails and web pages to dupe feds into revealing their credentials.

Then, according to the indictment, the hacking ring used the stolen credentials “to place fraudulent orders for office products,” often bland items such as printing cartridges, from vendors authorized to do business under the General Services Administration. Items were shipped to New Jersey—to facilities Ogunremi controlled—where items were repackaged, shipped overseas to Nigeria and sold on the black market for profit. Altogether, the scheme netted almost $1 million in profit, according to the Justice Department.