‘COVID-419’: how cybercriminals in Nigeria exploited schemes to help people in need


File: Code for exploiting the bug, which is known as "Eternal Blue," was released on the internet in March by a hacking group known as the Shadow Brokers. Photo: Kacper Pempel / Reuters

Oludayo Tade, University of Ibadan


LAGOS - The COVID-19 pandemic, with its lockdown and social isolation, has added to the vulnerability of many Nigerians in several ways. Aside from health risks and disruption to livelihoods, the move from physical to virtual relationships heightened the exposure of people to cybercriminals.

The pandemic has changed the landscape of cybercrime in the country. The government’s social and welfare interventions, to cushion the impact of the pandemic, presented an opportunity for fraudsters to take advantage of vulnerable people.

These palliative interventions included food distribution, cash transfers and loan repayment relief.

In addition, with social distancing and restrictions on movement, people have been doing more online. This exposed them more to cybercriminals.

I undertook a study to examine how COVID-19-induced interventions in Nigeria had been exploited by criminals. My research explored which government policies had created opportunities for fraud, what fraud strategies were used, and how this victimisation could be prevented.

My data came from the Economic and Financial Crimes Commission, the Nigerian Police and the Central Bank of Nigeria. I also received examples of fraud schemes from a professional WhatsApp group and from students of criminology.

I found that lack of clearly defined parameters and beneficiaries of Nigeria’s palliative schemes created loopholes for cybercriminals. I’ve called their strategies “COVID-419” – a term combining the names of the coronavirus disease and section 419 of the Nigerian Criminal Code Act, which deals with fraud.

It’s important to understand how cybercriminals adapt to changing circumstances and what strategies they use, so that more harm can be prevented.

Context of COVID-419 cybercrimes

The social context of the COVID-19 pandemic in Nigeria helps explain how it presents opportunities to fraudsters. A large percentage – 65% – of the population works in the informal sector. It contributes about 50% of the country’s gross domestic product.

People working in the informal sector are heavily dependent on human interaction. They also rely heavily on public transport.

Lockdown measures had a devastating impact. As a result citizens appealed for help. In response, government formulated policies on palliatives to be given to the vulnerable. A Presidential Task Force on COVID-19 was also set up to coordinate distribution of the palliatives.

They included:

  • distribution of 70,000 tonnes of rice to poor and vulnerable households across the country

  • a three-month repayment moratorium for all Government Enterprise and Empowerment Programme loans such as TraderMoni, MarketMoni and FarmerMoni.

  • a three-month moratorium for all federal government funded loans issued by the Bank of Industry, Bank of Agriculture and the Nigeria Export Import Bank

  • cash transfers and food rations for internally displaced persons.

But the policy had a weak spot: there was no definition of who was poor and who was vulnerable. President Muhammadu Buhari’s broadcast on 29 March 2020 illustrated this.

For the most vulnerable in our society, I have directed that the conditional cash transfers for the next two months be paid immediately. Our internally displaced persons will also receive two months of food rations in the coming weeks.

Many citizens expected and awaited the palliatives. Some may never have got them despite being in need. It is difficult to know how many people actually did benefit. Figures are not easily available and one report said the palliatives were hijacked and distributed among the ruling party loyalists.

All the payments ordered by the president were part of existing government social investment programmes like N-power, Conditional Cash Transfer and Government Enterprise Empowerment Programme.

They had nothing to do with the “new vulnerable” – those whose livelihoods were threatened by COVID-19. But everyone affected by the lockdown expected to benefit from them. They may have believed they qualified for help, yet they weren’t told exactly who would get what and how. This made some people easier targets for scams.

Fraudulent schemes

All the schemes developed by the fraudsters show similarities with the palliatives that government announced. Cybercriminals also developed schemes using the identities of donors that were listed by the Nigerian government on the website of the Presidential Task Force on COVID-19.

Relief fund fraud: The original COVID-19 relief fund was set up to give beneficiaries N20,000 (US$49) monthly. Cybercriminals patterned their fraudulent scheme after this. They designed a website where people were asked questions and were promised a payment of N20,000. The scam message had a fake government seal on the upper left corner, to deceive people into thinking it was a genuine message from the federal government. A prospective victim is congratulated to be eligible for the funds after answering series of questions. The person is required to click a green button beneath the page which has the inscription “SHARE NOW”. The person is advised to only share with seven WhatsApp groups. Then, the person would be asked to send bank details with sensitive information. They subsequently hacked their accounts and cleared the funds there.

Loan fraud: Another scheme appropriated by the cybercriminals was the relief loan disbursement form. On the online form, people were asked to supply their names and account details. This scam was framed to align with the presidential address which announced conditional cash transfers and loans. The form had an imprint of Nigeria’s coat of arms on the left side, and used the national colours to make it look authentic. It followed the same pattern with the relief fund fraud.

Fast food coupon fraud: The president’s announcement that rice and groundnut oil from the Nigerian Customs Service would be released also triggered fraud. These were meant to be distributed to state governments. The states were in turn asked to organise the distribution to vulnerable people. Scammers designed a scheme that appeared to offer a free pizza coupon – an attractive luxury for many people. A voucher bearing the name of a pizza outlet was shared online and potential victims were asked to fill their financial details in order to claim the free pizza. This exposed them to hackers who cleared their bank accounts after critical information had been supplied.

Data scam: With restrictions on movement, a major means of connecting with people was going online. Nigerians asked telephone companies to offer free data to their customers. Some companies gave their subscribers 10 free text messages daily. Cybercriminals designed a scheme called “free 16GB to kill boredom during this lockdown.” Different websites supposedly belonging to telephone companies were created and people were asked to click on them. Doing so and supplying biodata and bank details enabled the fraudsters to have access to their bank accounts.

Preventing victimisation

Nigerian government agencies distanced themselves from the fraudulent schemes. But the way in which social interventions were implemented provided leeway for fraud victimisation.

To prevent this from happening in the future the Nigerian government must communicate effectively with the public – particularly beneficiaries – about its policies. This will help protect them against possible victimisation.

In addition, Nigeria’s security agencies need be involved. They need to act promptly by taking down websites where deliberate falsehoods and misinformation are published.The Conversation

Oludayo Tade, Communication/Security Consultant, Sociologist/Criminologist/Victimologist and Facilitator, University of Ibadan

This article is republished from The Conversation under a Creative Commons license. Read the original article.

The Conversation Africa

Paid Content