The numbers are staggering, but the reality is far more chilling. Between 2020 and 2025, fraudsters successfully looted N134.48 billion from Nigeria’s financial system — enough to build thousands of schools or hospitals. But here is what the official reports won’t tell you: the most devastating heist didn’t involve sophisticated hackers in dark basements. It involved a bank employee with legitimate access, a few clicks, and N30 billion vanished.
This is the uncomfortable truth about fraud in Nigeria today. The Central Bank of Nigeria’s _Payments System Vision 2028_ document reveals that 2024 alone accounted for N52.26 billion in losses — a 196 per cent surge from the previous year. And the culprit? “A major internal fraud case involving N30 billion,” the CBN admitted. The single biggest threat to your money may not be a cybercriminal in Russia but the person processing your transaction at the bank.
The Nigeria Inter-Bank Settlement System 2024 Fraud Report paints an even more disturbing picture of how these predators operate. In one documented case, a syndicate based in Asia opened corporate accounts in three Nigerian banks using the same selfie for BVN verification — with geolocation tracing back to Hong Kong. On July 30, 2024, an oil and gas company account was created using a registered company number copied from the internet and fabricated documents. Within hours, N335 million in fraud proceeds hit the account and was swiftly moved to unlicensed BDC operators. The EFCC and NIBSS eventually recovered N1.735 billion, but the damage was already done.
“The 2024 figure alone accounted for nearly 39 per cent of the total N134.48 billion lost between 2020 and 2025,” the CBN document noted grimly. This means that in a single year, fraudsters accomplished what would normally take them four years to steal.
The tactics keep evolving. In 2021, when banks tightened web security, fraud losses still rose — because POS-related incidents exploded by 276 per cent. In 2022, ATM fraud surged over 2,000 per cent. By 2023, e-commerce fraud spiked by a staggering 1,961 per cent. “Mobile, POS, and Web channels recorded moderate increases,” the CBN conceded. The pattern is unmistakable: fraudsters do not retreat — they redeploy.
EFCC Chairman Ola Olukoyede recently revealed how remote takeover schemes work. A physical device is connected to a bank’s system with the help of a complicit staff member. Once connected, collaborators in Eastern Europe or America remotely control the bank’s platform, moving billions within seconds. “In every single case we’ve investigated, there has been clear evidence of insider involvement,” the EFCC Chairman stated. Over N20 billion was recovered from hackers who breached six Nigerian banks this way. But how much went unrecovered?
In May 2025, two bank employees were arraigned for allegedly disclosing the bank’s server and domain credentials, enabling an attempted cyberattack. The prosecution claims an E-payment Service Manager unlawfully shared the bank’s IP and domain credentials, while accomplices procured a laptop and flash drive specifically to bypass security protocols. This is not an isolated incident — it is a growing epidemic of internal betrayal.
The CBN’s Financial Stability Report 2024 flagged over 30 Ponzi-style investment schemes exploiting digital currency narratives. With 70 per cent of 2024 fraud losses linked to digital platforms, CBN Governor Olayemi Cardoso warned that fintech innovation has created new vulnerabilities. “In Nigeria, over $56 billion in crypto-related transactions were recorded between July 2022 and June 2023,” he noted. Fraudsters are now hiding behind cryptocurrency to launder proceeds, making recovery nearly impossible.
The most common attack methods, according to NIBSS, are phishing at 31 per cent, SIM swap fraud at 25 per cent, and identity theft and credential compromise at 21 per cent. These are not abstract threats — they are everyday realities. A simple text message claiming your bank account has been compromised could be the first step in draining your life savings.
So, how do you protect yourself?
First, never share your PIN, OTP, or BVN with anyone — not even someone claiming to be a bank official. Banks will never ask for these details over the phone or via text.
Second, verify every transaction notification immediately. If you receive an alert for a transaction you didn’t authorize, contact your bank’s fraud desk within minutes.
Third, be suspicious of unsolicited investment opportunities promising astronomical returns. If it sounds too good to be true, it is a scam.
Fourth, use two-factor authentication wherever possible and avoid conducting sensitive transactions on public Wi-Fi networks.
Fifth, monitor your accounts regularly and set up transaction alerts for every activity, no matter how small.
Sixth, report suspicious activity to your bank and the EFCC without delay — the longer you wait, the harder it becomes to recover stolen funds.
The CBN has set an ambitious target to reduce fraud losses to less than 0.001 per cent of all transactions by 2028 through NIN/BVN linkage, AI fraud detection, POS geo-tagging, and mandatory fraud response within 30 minutes. But these measures mean nothing without your vigilance. As Cardoso himself declared, “People’s money must be safer in the digital system than under their mattress.” Yet the mattress doesn’t have an insider plotting to steal your funds.
Here is the hard truth: Nigeria’s financial system is under siege, and the enemy is not always outside. The N134.48 billion question is not whether banks and regulators can secure the system — but whether you can stay one step ahead of the predators. Arm yourself with knowledge, question every transaction, and remember: in a country where fraudsters are always evolving, your greatest defence is your own awareness. The moment you let your guard down, they are watching, waiting, and ready to strike.
By Allen Durueke
(Ripples)