Heightened Threat: Fraudsters Pose as Nigerian Tech CEOs, Attempt Employee Email Scams

Heightened Threat: Fraudsters Pose as Nigerian Tech CEOs, Attempt Employee Email Scams

In a worrisome trend, Techpoint Africa has verified three distinct incidents involving employees receiving deceptive emails impersonating their (former) CEOs. The emails, seemingly urgent in nature, requested immediate assistance in resolving overdue payments.

The content of these emails typically follows a professional tone and structure, with variations in the requested amount, promised reimbursement timeframe, and the CEO’s email signature. 

A common thread among them is the appeal for the recipient to cover an overdue payment, often expressed as follows: “Do you have up to N1m in your personal account to cover an overdue payment for me this morning? I will make arrangement(sic) for a refund on Friday. Please advise, and I will forward the beneficiary details within the next hour.”

The initial report was filed by Emmanuel Paul, Managing Editor at Techpoint Africa, who received an email posing as Adewale Yusuf, the company’s co-founder and former CEO. Immediate action was taken, notifying Yusuf about the attempted fraudulent activity.

Subsequently, two similar cases were documented on X (formerly Twitter) by Abimbola Adebakin, CEO of Advantage Health Africa, and Ikpeme Neto, CEO of WellaHealth. During a brief conversation, Adebakin confirmed that three employees reported encountering a similar email scam.

Interestingly, the scammers went to great lengths to impersonate the CEOs by creating Outlook and Hotmail accounts in their names to dispatch the deceptive emails.

In one instance, when an employee requested account details for the supposed transfer, they were provided with account information in the CEO’s name, linked to OPay and Palmpay accounts. Notably, the provided phone number associated with these accounts was inactive and did not belong to the CEO.

This situation raises concerns about the account opening processes within Nigeria’s expanding digital banking sector. The incident prompts questions about the efficacy of the account verification procedures employed by digital banks, Neobanks, and MFBs in the country.

The surge in fraud within the fintech space has become a growing concern for industry founders. Reports suggest that certain digital banks may have lax procedures for opening accounts, leaving potential vulnerabilities for exploitation.

Fortunately, none of the targeted employees fell victim to these scams, as they sought confirmation from their CEOs regarding the emails’ authenticity.

Blessing Agbor, a cybersecurity engineer, categorizes these incidents as instances of email spoofing, specifically Business Email Compromise (BEC). This type of scam leverages familiarity and personalization to exploit victims’ trust in their employers, using financial incentives and fear of repercussions to elicit favorable responses.

Agbor recommends several preventive measures, including establishing clear reporting procedures for suspicious emails, educating employees about email spoofing techniques and scam red flags, enforcing strong passwords and multi-factor authentication (MFA), and implementing host-based anti-malware software.