Nigeria’s rapidly expanding digital economy is facing increasing threats from cybercriminals as attacks targeting banks, fintech firms, government agencies and private businesses continue to rise, exposing major weaknesses in the country’s cybersecurity architecture. From financial fraud and ransomware attacks to artificial intelligence-powered malware and large-scale data breaches, cybersecurity experts warned that many Nigerian organisations are struggling to keep pace with evolving digital threats despite the nation’s growing dependence on online platforms and digital financial services.
“Nigeria is witnessing an alarming rise in cyber threats, with experts revealing that the country now records more than 4,000 cyberattacks weekly, resulting in losses estimated at over N12 billion within one year. The attacks which target banks, fintech firms, government institutions and private businesses, are increasingly driven by sophisticated technologies such as artificial intelligence-powered malware, ransomware and phishing scams, raising concerns over the nation’s digital security preparedness,” stakeholders stated.
Recent attacks on public platforms, including the website of the Corporate Affairs Commission and digital payment infrastructure linked to Remita, alongside fresh warnings from the National Information Technology Development Agency (NITDA) over a dangerous AI-powered malware known as “DeepLoad,” have heightened concerns about Nigeria’s cyber resilience. NITDA warned that the malware possesses the capability to steal sensitive information, bypass conventional security systems and infiltrate networks belonging to banks, businesses and government institutions through deceptive prompts and manipulative online interactions designed to trick unsuspecting users.
The growing cyber threats have triggered fresh debate among stakeholders over whether Nigeria’s digital infrastructure is adequately protected against increasingly sophisticated attacks, particularly as millions of Nigerians continue to migrate daily activities online. Stakeholders warned that the growing dependence on digital platforms for financial transactions, communication and public services has expanded the country’s vulnerability to cybercriminals. They noted that cyber fraud, identity theft and data breaches are becoming more frequent, with many organisations lacking the advanced security infrastructure and skilled personnel needed to counter emerging threats.
Analysts also stressed that small and medium-scale enterprises remain among the most exposed due to weak cybersecurity frameworks and low awareness of digital risks.
A Lagos-based data protection consultant, Bola Williams, said many Nigerian firms remain dangerously exposed because cybersecurity is still treated as a secondary concern rather than a strategic business priority. According to her, many organisations are aggressively pursuing digital transformation without making corresponding investments in cybersecurity infrastructure, staff awareness and data protection systems. “Many organisations are embracing digital expansion very quickly, but their security systems are outdated. Some firms are storing sensitive customer information without adequate encryption or proper access control measures,” she said.
Williams warned that beyond financial losses, repeated cyber breaches could significantly erode public trust in digital banking systems, fintech applications and online transactions. Similarly, a UK-based Nigerian data specialist, Temidayo Akindele, stressed that trust remains the foundation of digital interactions, especially as more Nigerians increasingly depend on cloud-based platforms and online financial services. “People want to know that the person at the other end of their digital interaction is genuine and that they are not being scammed. Secure digital platforms help to build confidence that personal information is protected from unauthorised access,” she stated.
According to her, poor data ethics and weak handling of personal information by organisations and individuals are contributing to broader systemic vulnerabilities within Nigeria’s digital ecosystem. “With the growing use of artificial intelligence, algorithms and online profiling, data must be handled responsibly. In the absence of adequate safeguards, digital interactions can expose individuals and businesses to serious risks,” she added.
Cybersecurity analysts also warned that cybercriminals are increasingly deploying artificial intelligence tools to automate attacks, generate fake identities, manipulate voices and evade traditional security systems. Another cybersecurity expert, Kunle Adebayo, noted that many Nigerian organisations still rely on outdated antivirus systems that are unable to effectively detect modern AI-enhanced threats. “Cyberattacks are no longer limited to phishing emails. AI is now being used to create adaptive malware capable of responding to security systems in real time,” he explained.
He advised organisations to integrate cybersecurity into every stage of operations and digital transformation projects while establishing dedicated security teams and appointing Chief Information Security Officers (CISOs) to strengthen accountability. Stakeholders further noted that Nigeria’s booming fintech ecosystem and rising adoption of digital banking have made the country increasingly attractive to transnational cybercriminal networks.
The increasing wave of bank account hacks and electronic fraud across Nigeria has continued to expose vulnerabilities within the financial system, with victims reportedly losing millions of naira through insider compromise, SIM swap fraud, fake transaction alerts and coordinated cyberattacks. Investigations by anti-graft agencies and security operatives have shown that many of the fraud schemes are allegedly aided by insider collaboration involving Information and Communications Technology personnel within financial institutions who provide backend access to criminal syndicates.
One victim, identified simply as Mrs Akinola, reportedly discovered that the entire balance in her savings account had vanished overnight despite not sharing her debit card details, PIN or banking passwords with anyone. Following internal investigations, the funds were eventually refunded after bank officials reportedly admitted that the compromise originated from unauthorised backend access. The Economic and Financial Crimes Commission (EFCC) has repeatedly warned that a significant percentage of high-profile banking fraud cases in Nigeria involve insider connivance by individuals with access to critical financial systems.
In another major incident in 2025, cybercriminals reportedly breached the infrastructure of a leading commercial bank and allegedly transferred over N10 billion through coordinated automated transactions executed across multiple channels within hours. The attack reportedly left thousands of customers stranded, with many unable to access their banking applications while others woke up to empty balances. To contain the spread of the stolen funds, a court reportedly ordered the freezing of hundreds of suspicious accounts linked to the movement of the proceeds through Point of Sale operators and digital payment networks nationwide.
Small business owners have also continued to suffer losses through fake transaction alert scams. A Lagos trader, Mrs Chinyere Okafor, recounted how a customer purchased goods worth over N30,000 and presented what appeared to be a successful transfer notification bearing her correct account details and name. Believing the payment had been completed, her sales attendant released the goods, only for the family to later discover that no funds had entered the account balance. Investigations later suggested that fraudsters used applications capable of simulating bank alerts and intercepting transaction notifications to deceive merchants.
In addressing the increasing incidents of electronic fraud, particularly Authorised Push Payment scams where victims are manipulated into approving transactions, the Central Bank of Nigeria (CBN) directed financial institutions to investigate complaints promptly and reimburse customers where fraudulent activity is confirmed.
However, an account of such a mammoth case of bank hacks involves syndicates that compromise bank accounts of over 1,000 commercial bank customers.
The Nigeria Police Force Zone 2 Command dismantled a syndicate allegedly specialising in hacking customers bank accounts through SIM-related fraud and unauthorised access to banking portals.
The police authorities disclosed that two suspects arrested in Ogun State allegedly belonged to a nationwide network responsible for compromising over 1,000 customer accounts across multiple banks. Investigators said members of the syndicate operated in coordinated cells, with some allegedly sourcing SIM cards from stolen phones while others focused on extracting banking details linked to victims Bank Verification Numbers.
According to the Command, detectives deployed digital tracking technology to trace the suspects to their hideout after receiving a petition from one of the affected banks. Preliminary findings reportedly revealed that members of the group used specialised software to gain unauthorised access into banking systems and manipulate customer-linked phone numbers to facilitate illegal withdrawals.
Meanwhile, one of the suspects allegedly admitted to assisting associates in opening accounts and changing linked phone numbers for financial rewards, while another reportedly confessed to replacing the phone number attached to his bank account at the request of syndicate members. Several Nigerians have continued to recount experiences involving stolen phones and emptied bank accounts which shows its beyond organised cyber hack syndicates.
A Lagos resident, Eze Nwosu, narrated how fraudsters allegedly withdrew funds from multiple accounts shortly after his mobile phone was stolen while returning from work. According to him, the criminals used the stolen SIM card to purchase recharge cards and attempted additional transactions before he succeeded in blocking the line.
Another victim, identified simply as Bayo, claimed criminals allegedly hacked into four of his bank accounts after stealing his phone during a weekend when banking halls were closed, making it difficult for him to quickly deactivate his mobile banking access.
However, experts warned that beyond immediate financial losses, persistent cyberattacks could damage investor confidence in Nigeria’s broader digital economy ambitions and discourage both local and foreign investments in the country’s technology ecosystem. Experts have therefore called for urgent collaboration between government agencies, financial institutions, telecommunications operators and technology firms to strengthen Nigeria’s cybersecurity architecture.
They urged increased investment in cyber defence systems, digital literacy and stricter enforcement of cybersecurity regulations to protect businesses and consumers.
According to stakeholders, failure to tackle the escalating attacks could undermine investor confidence and threaten the growth of Nigeria’s rapidly expanding digital economy.
