ILORIN, Nigeria—Around November 2020, Kayode said he was invited to a house party—the kind attended mostly by others involved in the country’s illicit digital economy.
The college sophomore studying towards a hard sciences degree had reservations about attending a party during a global pandemic, but he didn’t have much other to do than spend time with other so-called “yahoo boys”—an archaic nickname that recalls when Nigerian cyber fraudsters were synonymous with Yahoo Mail and “Nigerian Prince” spam.
The market has now graduated into more complex and targeted schemes, experts told the Record. And Kayode, who wanted to be identified only by this nickname due to security concerns, is one of many young Nigerians who turned to that market as the COVID-19 pandemic disrupted their education and left them with few options.
Since the start of the pandemic, experts say, Nigeria has witnessed an increase not just in the number of people drawn into cyber crime, but also in the complexity of tactics they deploy.
“The exposure to cyber fraud will continue to grow because of the economic hardship which will take time to fizzle out,” Geoffrey Okolorie, a researcher of cyber fraud and the head of Digital Forensics at Nigeria’s Economic and Financial Crime Commission or EFCC, which enforces the country’s cybercrime laws, told the Record via email.
But there’s also been a shift in the country towards moral and societal acceptance of scamming as an economic necessity, or at least an opportunity many can’t pass up.
Certainly, when Kayode headed to the party last year, it seemed like an opportunity.
“It’s also a very great place to connect with bigger guys,” Kayode recalled.
So he went, a decision he would come to regret.
Around 11 p.m., a fight broke out between two of the bigger guys.
“The party became besieged by guys wielding cutlasses and broken bottles,” said Kayode. “They blocked exits and began harassing everyone.”
Kayode said he and three other guys stood up to defend themselves. One of the much older attackers ordered him to “sit his ass down,” but Kayode refused.
Then they beat him until he threw up and passed out, he said.
A means of survival
The party was ultimately a wake-up call of sorts for Kayode, but even now his descent into cybercrime can sound rational given the nightmare of trying to stay afloat amid the pandemic in Nigeria.
“I needed to do something. I needed to survive,” Kayode said. “I’m not justifying my decision, but there’s something in being at home, doing nothing, but paradoxically doing everything in your capacity to stay alive, yet you are kind of dying, that makes you care less about others.”
Nigeria represents one of the largest economies in the world and the largest in Africa. Although oil and agriculture are still the country’s largest industries, its tech ecosystem is one of the world’s fastest growing.
But according to Trading Economics, the average Nigerian salary is 43,200 naira (about $105) a month, still far behind that of many other countries with strong tech sectors. Meanwhile, the country’s jobless rate is the second highest in the world—quadrupling in the last five years and surging to 33.3 percent from 27.1 percent amid the pandemic, Bloomberg reported in March.
Young Nigerians have been hit the hardest by the epidemic’s unemployment crisis—driving many to online crime and forcing cultural re-evaluation of its morality, according to Oludayo Tade.
“It creates this orientation that this society does not take care of us, so we have to take care of ourselves,” said Tade, who researches and teaches sociology and criminology at the University of Ibadan, Nigeria.
Kayode seems like an unlikely criminal at first glance.
In high school, he says, he was an A student and served as his school’s social prefect, while also representing his school in academic competitions. And he scored well enough on the Nigerian equivalent of the SAT’s to land a spot at the University of Ilorin, one of the country’s most elite educational institutions—where I also attend.
But as Kayode was in the middle of first semester exams for his sophomore year in March 2020, the Academic Staff Union of University embarked on a two-week warning strike—citing unmet demands and disagreement with the federal government. Then the pandemic struck Nigeria, and the federal government imposed an indefinite nationwide lockdown. University students were encouraged to leave their dorms and go home until education resumed.
That wasn’t so easy for Kayode.
His parents divorced when he was young, and his mother was given custody. He described the relationship between him and his father as “vague,” and even worse after he started at university. So he depended mostly on his mother, a businesswoman—who verified elements of his story. But because she lived in a small apartment in another city, they’d both agreed that he stayed in his off-campus housing in Ilorin.
By May 2020, it had become clear that the pandemic wasn’t leaving soon. And it came at a price—one being paid mostly by poor and middle-class Nigerians.
While Nigeria’s poverty indicator remained at roughly 40 percent, inflation in the country climbed to 17 percent. According to a recent World Bank report, the pandemic pushed Nigerian families further below the poverty line and forcing some to go hungry:
In August 2020, 67% of (surveyed) households reported that their income was lower than a year before, while in July 2020, around 69% of those households that experienced shocks since the outbreak of COVID-19 reported reducing their food consumption (among other negative coping strategies).
Kayode’s mother was among those who hit hard times, so she sent him less money. And due to the country’s economic turmoil, what she could send didn’t last as long.
“I could purchase even less with the money due to inflation,” Kayode said.
Kayode said he first looked for normal jobs. He had learned graphic design and taken courses on online marketing, so he tried to monetize those skills first and even tried to pick up some new ones.
“There were little returns,” Kayode said.
According to PwC, digital skills awareness increased globally during the pandemic, but work inequality and inaccessibility remained crucial issues facing the global workforce.
Turning to cybercrime
After Kayode’s hunt for a legitimate job failed, he turned to the next potentially profitable use of his digital skills: cybercrime.
As student housing thinned out due to stopped academic activities, those who stayed behind were mainly students who were independent, had no other choice, or engaged in criminal activities. The shallow social pool pushed those around to spend more time with one another.
This “introduced more students into criminal activities,” according to Kayode.
“I saw that everyone around me was doing it. And that I could actually do it better,” he said. “Looking back, I realize that I didn’t even see it as a major decision. It just seemed like the next sensible thing to do.”
When Kayode first started, he said he engaged mainly in dating-app scams—fraud where the actor pretended to be a love interest to defraud the victim of money or personal details that could be used in applying for benefits or loans.
Typically, in the case of identity fraud used to apply for benefits and loans, most cyber fraudsters engage the victim and gain their trust over time, but another member of the criminal gang—a so-called “loader”—handles the technical part of applying and convincing the system that the applications are valid. Loaders are also the ones in charge of laundering the funds once released, but can’t always be trusted to pay out the scammers who supplied information to carry out the identity fraud.
After being ripped off by one loader, Kayode shifted to hook-up scams—a type of scam where the actor poses as an escort looking to hook up or sell nude images. The scam is completed when the victims wire funds meant for the supposed escort’s service through Paypal, Zelle, or Apple Pay, or send details of activated gift cards. The scam can yield as low as $50 and up to $1,500, but often average at $100 to $250. It’s especially popular with Snapchat and dating or hookup sites.
“It’s low pay, but also low risk,” said Kayode. He also saw it as less morally questionable to target those seeking out sexual pleasure.
“In the true sense, you’re not committing a major crime. It’s sort of like a gray area—and if it’s a crime, victims are often too ashamed to report it.”
These schemes helped Kayode and many other young students afloat, but boosted cybercrime originating from the country.
Nigeria’s EFCC declined requests for data about cybercrime during the pandemic. However, data about arrests for internet-enabled crimes shared by the commission’s Twitter handle from January 2019 through June 2021 and analyzed by the Record show a significant increase in arrests as the pandemic continued.
In 2019, the EFCC tweeted cyber fraud arrests totalling 117. In 2020, the number dropped to 62—with a significant gap between March to July when the pandemic peaked in Nigeria. However, between January 2021 to June 2021, the commission shared information about the arrests of more than 300 individuals on charges related to cyber fraud.
The agency stopped posting in June 2021 after the Nigerian government banned Twitter access following the removal of a tweet from the president that Twitter said violated its community standards and in response to how the platform was used by activists to organize major protests in Nigeria the previous summer.
“The persistent use of the platform for activities that are capable of undermining Nigeria’s corporate existence,” Segun Adeyemi, special assistant to the minister of Information and Culture, said at the time, according to the Nigerian Guardian.
In October 2020, Nigeria had one of its largest series of protests against police brutality. The #EndSARS protest was geared against the disbandment of the Special Anti-Robbery Squad, a police sect that was created to respond to issues of armed robbery and kidnapping, but became notorious for abusing and extorting youths on false charges of cyber fraud.
Weeks into the protests, the president announced the disbandment of the unit, but the movement had already graduated into a bigger call for police reform—one that was met with state violence. On Oct. 20, 2020, members of the Nigerian military and police opened fire on protesters at the Lekki toll gate.
The #EndSARS movement was part of a larger trend of political unrest worldwide during the pandemic, many involving alleged state corruption and abuse of power as well as economic hardship. Disruptions have been especially common in countries without the resources to provide their citizens support during the crisis—such as elsewhere in Africa, including Tunisia and South Africa, as well as Colombia in South America.
But the United States, too, has also been rocked by unrest—including the Jan. 6 attack on the Capitol by supporters of then-President Donald Trump, the wave of protests against racist police brutality in response to the killing of George Floyd while in police custody in summer of 2020, and the rise of anti-work sentiment driven by the treatment of frontline workers during the pandemic.
Nigerian-based scammers have long targeted aid and financial systems in wealthier countries—and the expansion of benefits in the U.S. and elsewhere during the pandemic was met with even more attacks amid this unrest.
Data released by the U.S. Federal Bureau of Investigations in response to Freedom of Information Requests shows Nigerian cyber actors obtained more than $110 million as financial recipients of fraudulent applications of aid such as benefits and loans in 2020, almost three times the roughly $33.9 million figure reported for 2019. (The agency did not respond to requests for further comment.)
“Because the United States not only increased governmental aids and benefits, it also eased the process of applications, it made it easier for cyberfrauds to fool the system,” said John Wilson, a senior threat researcher at AGARI by HelpSystems.
According to a report from AGARI that analyzed 2,200 business email compromise attacks between May 2019 and July 2020 where the actors weren’t using proxies or masking their locations, 50 percent “hailed from Nigeria”—representing more than 80 percent of African threat actors in the sample.
But even those figures don’t truly reflect how normalized participation in cybercrime is in Nigeria. The country’s ties to digital fraud go back to the 1990s, when emails from fraudsters claiming to be princes or other wealthy figures who could offer access to vast funds in exchange for a financial advance grew so prevalent the local slang for it—“419” fraud—references the section of the Nigerian law that criminalizes such scams.
And today, the same dark digital economy that attracted Kayode is also connected to high profile national figures who allegedly pulled in high figure paydays. For example, in May, a senior special assistant to the governor of Nigeria’s Ogun state—Abidemi Rufai—was arrested in the United States for allegedly defrauding Washington state of more than $350,000 in pandemic unemployment benefits that were collected using stolen identities.
Other prominent Nigerians who have faced legal consequences for cybercrime include Ramon Olorunwa Abbas, an Instagram influencer known as Hushpuppi, and Obinwanne Okeke—popularly known as Invictus Obi and included on Forbes 30 under 30 Africa list in 2016.
In July of this year, Abbas pleaded guilty to “Conspiracy to Engage in Money Laundering” and implicated fellow conspirators, including Abba Kyari—a now suspended deputy commissioner of the Nigerian Police Force.
In June 2020, Okeke pleaded guilty to internet fraud amounting to $11 million losses to his victims and is currently serving a 10-year prison sentence in the United States. In a recent interview with journalist David Pright, Okeke described first getting involved in fraud as a means to gain start-up capital after observing a friend and mentor using stolen banking and crypto credentials bought online to drain accounts.
He also connected the crime to the country’s larger economic situation, describing the country as beautiful, but impoverished—and “a hazardous obstacle course that most will never navigate through.”
The morning after
Kayode said he has no concrete memory of what happened after the attack until he woke up the next morning. He picked a call from his mom and then it dawned on him that while he was out, party attendees must have panicked and called her.
“She was trying not to cry because she was in a bus on the way here, and I was angry at those who called her. But they also were scared,” Kayode recalled.
Kayode’s mother came to Ilorin and took him back to stay with her in a different part of the country.
“I blamed myself for what happened, she blamed herself for not being enough, and we did that circle until school resumed,” he said.
While many educational institutions around in Nigeria and around the world tried to keep school on track with distance learning, the Academic Staff Union of University strike that began around the same time as the pandemic hit the country extended for nine months. When it was finally resolved, students were still left battling new technological barriers while trying to play catch up for the recent gap in their education.
Kayode says he has regained trust with his mother, but still blames himself for what happened.
“The environment was stimulating, but I’m sure there are others who were worse off, but did not do this,” he said.
I also spoke with several people who were related to students who became cyber fraudsters during the pandemic. Many had to decide to either distance themselves, or accept them anyway and battle with the moral guilt.
One woman said her elder brother was now engaged in cyber fraud, but she couldn’t bring herself to tell their parents about it.
“He’s no longer who he was,” she said, but he’s still her brother.
The issue also affected my own relationships.
I began researching this topic late last year after noticing an increase in cyber fraudsters around me, including my friends. When I first started to investigate, I approached two then-close friends who had also become cyber fraudsters over the course of the pandemic. We discussed the economic factors and they both agreed to speak with me whenever I decided to report the story.
By the time I approached them again this September for this story, not only had we grown apart, their perspective on cyber fraud had also shifted from seeing it as mere survival strategy to something nobler.
They no longer wanted to speak with me because as one put it, “he’d grown beyond who he was when the year started.” He now viewed cyber fraud as a sort of rebellion against a global economic system that is inherently unfair.
I met Kayode online around the same time those people pulled out. I met Kayode in a closed WhatsApp group where people discussed politics and environmental issues. We discussed over several WhatsApp phone calls before meeting physically.
Kayode knew who I was, but I did not know him, so twice we’d talk and he’d tell me that he saw me on campus. When we eventually met in an empty lecture room, he was reading Manuscript Found in Accra by Paulo Coelho.
We discussed names that we both knew, including some who I had earlier sought to interview, as well as very specific knowledge about fraud techniques that made me feel confident in his involvement in cybercrime. While elements of this piece—including the account of the party—rely heavily on Kayode’s version of events, I also verified them with contemporary messages provided by Kayode and another person familiar with the timeline.
Although I had already spent about 10 months reporting this story, his story helped me understand the wide web of cyber fraud I personally saw expand across campus. And experts tell me it’s likely this new generation of Nigerian cybercriminals will not be the last of their kind.
Before the pandemic, a 2019 study by researchers Suleman Lazarus and Okolorie divided Nigerian fraudsters into two categories in terms of knowledge and technological sophistication: the yahoo-analog and the yahoo-digital.
The “analog” referred to largely uneducated and uninformed cyber fraudsters who are less efficient than their digital counterparts. The yahoo-digital relied more on sophisticated techniques and built larger criminal networks and relied less on spirituality than the analogues.
“It’s notable to say that the recent increase has been mainly among the yahoo-digitals,” said Okolorie told the Record over email. “This will in turn, affect the complexity of future attacks and make them harder to prevent.”
Wilson also said there’s been an increase in the complexity and tactics deployed by threats from the regions, even before the pandemic.
“More of these guys are masking their locations with proxies, but by other indicators, we can tell they’re West African actors,” he noted.
This professionalization is reflected in the prosecution of high-profile people for cybercrimes as well as other cultural trends within the country.
Nigerian “cyber fraud is also becoming more branded, unlike before when youths were ashamed to be recognised as cyber fraudsters,” said Okolorie.
Now cyber fraud in Nigeria is celebrated as a lifestyle identified through a series of fashion tropes, lingo, and music—not unlike the rise of gangster rap along with drug-related gangs in the United States during the 1980s and 1990s.
This culture is also going more mainstream, including through things like the popularization of songs like Cash App by Bella Shmurda and other music explicitly promoting the “yahoo” lifestyle.
Even everyday people became bolder in mini-criminal acts—such as sharing updates and procedures along with the contacts of people who assist in duping a victim or carting away funds from successful deals.
And for Kayode, leaving that life behind has been hard.
“I know a lot of guys who joined the game that same period I did—and to the best of my knowledge—I’m the only one who’s no longer doing it,” Kayode said.
“The ones I still know are now big fishes and obviously, I’m not in a better place than them financially. But, also, it’s hard to see myself as morally superior,” he added.