Follow Us on Google
• Concerns mount as foreign criminals take over Nigeria’s digital landscape
From Adanna Nnamani, Abuja
It usually starts with an email that looks ordinary. A loan offer from a Nigerian bank, a crypto trading app, or a too-good-to-be-true investment link.
The website looks Nigerian. The customer care number is Nigerian. The IP address is traced to Lagos or Abuja. But behind the screen, somewhere in Eastern Europe or Asia, sits a foreign fraudster running a global scam, cloaked in a digital Nigerian mask.
Over the last few years, Nigeria has quietly become a global hotspot, not just for cybercrime committed by Nigerians but also for cybercriminals from other countries using Nigeria’s digital infrastructure as their cover.
From Lagos tech hubs to Port Harcourt apartment blocks, foreign cybercriminals are embedding themselves in Nigeria’s digital economy, setting up elaborate fraud operations that appear to originate locally. They exploit the cracks in Nigeria’s digital systems such as weak KYC (Know Your Customer) enforcement, porous SIM registration processes, and leaked national identity data, to impersonate Nigerians and carry out online crimes that span continents.
Recently, while speaking at the 2025 National Cybersecurity Conference in Abuja, chairman of the Economic and Financial Crimes Commission (EFCC), Mr. Ola Olukoyede, revealed that 146 out of the 194 foreign nationals arrested last year in connection with one of the biggest international cybercrime syndicates operating in the country had been convicted.
According to Olukoyede, the suspects, made up of mostly Chinese and Filipinos, had been using Nigerian identities, email accounts and IP addresses to commit cross-border fraud, giving the world the false impression that the crimes were being perpetrated by Nigerians.
He said the arrests were made through a new EFCC-led operation targeting transnational cybercrime rings, adding the the suspects would be repatriated after serving their jail terms in Nigeria.
He stated: “In EFCC, we have been able to optimize, to a reasonable extent, our resources to develop cybersecurity. In the last two years, we have been able to progress in dealing with cyber threats in the economy. Some of the milestones we have already implemented are enhanced capabilities in cyber forensic analysis and building syndicates to structure correlating significant violations and convictions in cybercrime cases.
“While we are aware of the fraud perpetrated through cyberspace, including cryptocurrency fraud by importing some of these international players in cryptocurrency, you are aware that we recently busted one of the biggest international cyber fraud syndicates in Nigeria, consisting mostly of foreigners, people from other jurisdictions, using Nigerian identities to perpetrate fraud. And when you go out there, it looks as if it is Nigerians doing these things. You see digital letters, e-mail accounts that have used Nigerian IP addresses, the names of Nigerians, but behind them are foreigners. We were able to arrest more than 194 of them in a new operation we launched and we are still on it.
“As of yesterday, we secured the conviction of about 146 of them. They are going to serve their jail time. After the jail time, they are going to be handed back to their governments.”
Interpol’s 2025 Africa Cyberthreat Assessment shows that cybercrime now accounts for 30 percent of all reported crime in West Africa, with Nigeria at the centre of the crisis. The country recorded 3,459 ransomware detections in 2024, while Check Point Software Technologies estimates that Nigerian organisations face 3,759 cyberattacks every week.
The problem lies deeper than mere statistics as Nigeria’s digital identity is being hijacked. Dark web forums now sell bundles of Nigerian BVNs, NINs, and pre-registered SIM cards to the highest bidder. Foreign scammers buy this data, create synthetic Nigerian profiles, and launch scams worldwide under these false identities. Many register fake companies with the Corporate Affairs Commission (CAC) to set up bank accounts and digital wallets, giving their operations a veneer of legitimacy.
In Lagos and Abuja, some co-working spaces have become hubs for these networks. Tech-savvy foreign nationals rent office desks, run training sessions for locals, and operate cyber-fraud pipelines that target victims in Europe, North America, and Asia. Some have been caught teaching phishing, social engineering, romance and crypto investment scams, while hiding behind Nigerian IP addresses and bank accounts.
According to a 2025 report by Sumsub, synthetic identity fraud in Nigeria rose by 192 percent in just three months. That means fraudsters are increasingly creating fake personas combining real and fictitious information to bypass security checks. In many cases, the perpetrators aren’t Nigerian, they are foreign nationals hiding behind Nigerian data.
Part of the problem lies in the gaps between Nigeria’s agencies. The National Identity Management Commission (NIMC), banks, telecommunications companies, and fintech startups often operate in silos. Without seamless data sharing or strict enforcement of biometric verification, it’s easy for bad actors to exploit the system.
According to The Director General of the National Information Technology Development Agency (NITDA), Kashifu Abdullahi, the country currently faces a staggering 90.6 per cent cybersecurity workforce gap, with only 25,760 professionals available to protect a population of over 220 million.
Abdullahi said the country needs at least 275,000 cybersecurity professionals to meet global standards, based on a benchmark of one cybersecurity expert per 800 citizens. However, Nigeria’s current ratio stands at one expert to every 8,000 people, far below the global average.
Abdullahi explained that the shortage of skilled personnel poses a major threat to the country’s digital economy, national security, and critical infrastructure, especially as cyberattacks become increasingly sophisticated and frequent.
The consequences go beyond financial loss. Nigeria’s global reputation continues to suffer, as foreign criminals operating behind Nigerian masks damage trust in the country’s digital sector. From e-commerce to fintech, the fear of fraud has become a serious barrier to growth and foreign investment.
For Nigerians living abroad, the stigma is personal. Many face extra scrutiny at airports, visa interviews, and even online platforms because the global narrative lumps all digital fraud under the “Nigerian scam” label, regardless of who is truly behind it.
“The world thinks it is Nigerians committing these crimes, but often it’s foreign syndicates using our infrastructure. Until we fix the system, the world will keep pointing fingers at us,” said cybersecurity analyst, Toochukwu Ezioha.
At the heart of the issue is the need for digital reform. Experts have called for stronger national ID protections, mandatory biometric verification for telecoms and banks, stricter KYC enforcement across the tech space, and better collaboration between regulatory bodies.
They warn that without urgent action, Nigeria risks becoming not just a victim of cybercrime, but a global hideout for digital criminals who exploit its digital gaps to operate in the shadows.
For now, the scams continue to spread across borders, while Nigeria’s name remains on the email headers, the IP logs, and the blame list.
Speaking on the effort of the government so far, Abdullahi disclosed that the agency has developed an eight-pillar strategic roadmap aimed at curbing cyber frauds.
The pillars include fostering digital literacy and cultivating tech talent, building a robust research ecosystem in emerging technologies such as AI, blockchain, and robotics, and strengthening policy and legal frameworks to support cybersecurity efforts.
The NITDA DG said: “Our strategic roadmap and action plan has eight pillars. The first one is to foster digital literacy and cultivate talent because digitization is about digitalizing everything. The second objective is to enhance the protection of our national critical infrastructure through a robust policy framework. Already, the National Security Advisor last year led the enactment of our Cybersecurity Act.
“He secured the presidential approval for the National Cybersecurity and National Critical Information Infrastructure Act, which designated IT infrastructure as a national critical infrastructure. We are also working on reviewing the bill again. Our National Assembly members are championing that to make sure we have the right policies, legislation, and legal framework to protect our cyberspace.
“The third objective is to facilitate global partnership to combat cyber threats and enhance intelligence sharing. With 175 organizations working together, looking at the threat landscape, sharing intelligence on how to combat cyber threats, I think we should be able to contain any cyber threat as well as build a resilient cyberspace in our country. The fourth one is promoting cybersecurity education and skills development. Because cybersecurity is about humans. Based on the World Economic Forum, more than 95 percent of cyber breaches are as a result of human errors. Therefore, our first line of defense is human.”
Similarly, the EFCC boss said the Commission is working closely with international partners such as the FBI, UK authorities, and the Italian government, with whom it recently signed a Memorandum of Understanding (MoU) to jointly investigate and prosecute global cybercriminals infiltrating the nation.
