It was a Friday evening in an upscale restaurant and bar in Lagos, Nigeria. About half a dozen guys hurdled together around a table littered with half-empty bottles of Champagne, Whiskey, Brandy and cans of mixers, as the DJ serenaded them with the latest Nigerian Afrobeat sounds. There was something different about that night for Olu, one of the guys seated at the table. The quality of drinks they were consuming was way beyond their means; yet, they kept ordering even more.
He wasn’t so sure how they expected to foot these bills as some of them did not even have enough cash to pay even if the drinks were sold at regular retail price. Upscale Lagos bars are accustomed to selling alcoholic liquor in bottles at about 300% of the regular retail price. To the irritation of his companions, Olu fretted frequently despite being told not to worry, that the tabs would be picked up by someone else.
That “someone” was airborne on his way from back home from abroad. He had told his friends to gather around at the joint and order whatever they wanted until he joined them soon after his plane landed. Davoe, as Olu had been repeatedly told, had just “picked up” serious cash and is worth millions in dollars. He was coming into town to declare for his boys, starting from that night till his departure.
Davoe had just pulled off a major heist and was flying in to celebrate with his friends before deploying his newfound wealth into more productive uses. The night out with his friends was the culmination of a process that emanated from months of sleepless nights online in what has become one of the most sophisticated cyber frauds in recent history.
FBI Raid: Three weeks ago, the US Federal Bureau of Investigation (FBI) announced that it had caught former Forbes 30 under 30 entrepreneur, Obinwanne Okeke, popularly called Invictus Obi, suspected of participating in an advance–fee fraud operation. The news caught the entire country by surprise, particularly young Nigerians who typically look up to success stories like that of Obi as a source of inspiration.
A few days later, the FBI published about 80 names of young Nigerians suspected of being involved in a massive fraud operation that they declared unprecedented in the United States. What is perhaps more intriguing is how this vast network of cyber thieves functioned in an operation that spanned continents across the world.
Nairametrics spoke to a few people familiar with the operation of modern-day “Yahoo Yahoo.” Their names have been changed, as they all spoke under the condition of anonymity to allow them to speak more freely about what they know.
Stolen Data: It often starts by subscribing to a premium version of dating apps where upper-class men and women often spend time looking for love interests. To log in to these platforms, users are expected to provide their email addresses and passwords. These standard login methods are designed to ensure that owners of these apps collect as much data as they can from users. Unfortunately, hackers are also interested in this data and often steal them.
According to reports, in 2019, a collection of 2.7 billion identity records, consisting of 774 million unique email addresses and 21 million unique passwords, were posted on the web for sale. Bidders for the data included internet fraud perpetrators, including those caught by the FBI two weeks ago, who rely on them for a slew of illegal activities.
How it works: Osaz, a former “yahoo boy” familiar with the operations of internet fraudsters, explained the sequence of activities to Nairametrics. According to him, fraudsters, relying on the email addresses of their victims, hack into the servers of unsuspecting corporations. Once logged in, they read email exchanges between top executives with mandates to sign away payments.
Of interest to them are email exchanges between suppliers of services and customers that occur as frequently as twice a week. The frequency of supply orders and payments provides the suspects with a high level of vulnerability that they can exploit.
After a protracted period of studying transaction flows and processes, they pounce, taking over the servers of their victims bypassing cybersecurity firewalls. He explains in a few summarized steps.
- An email is sent from a supplier to a company, requesting payment.
- Taking over the server, the email is hacked, and the fraudsters manipulate details on the emails (attached invoice).
- They slightly alter the names of suppliers such that the persons authorizing payment will not notice.
- They insert their account numbers in the email as well as their bank details.
- Once payment is made, the money laundering process begins, connecting several co-perpetrators across the globe.
- The money passes through several connected accounts, even going through accounts of innocent companies or individuals thinking that they are purchasing dollars in the regular course of a genuine transaction.
In the widely publicized case of Invictus Obi, the process was very similar except that it started with a phishing email. The Chief Financial Officer of Unatrac Holding Limited, the export sales office for Caterpillar‘s heavy industrial equipment, received a phishing email containing a web link in April 2018, purportedly to the login page of the CFO’s online email account hosted by Microsoft Office365. Upon opening the link, he was directed to a phishing website crafted to imitate the legitimate Office365 login page.
Believing the page to be real, the CFO provided his login details which were captured by fraudsters who took over his login profile, giving them access into the company’s email servers. According to the report, between April 6 and April 20, 2018, they had accessed the CFO’s account at least 464 times, mostly from Internet Protocol (IP) addresses in Nigeria, stealing over $11 million.
Money Washing: Internet fraudsters have also perfected the art of laundering their loot. Like Obi, some smart ones establish legitimate businesses, using their stolen wealth as seed capital.
Mike, the owner of an upscale boutique that is often patronized by suspected “Yahoo Yahoo boys,” explained to Nairametrics that, “Some of them use the money to buy real estate properties in Lekki”. Lekki is Nigeria’s haven for real estate developments. According to him, the smart ones quickly invest the money in assets they can easily sell during dry spells when no money is made. Some invest the money in other income-generating businesses such as night clubs, restaurants, and hotels. Others like Obi, channel the money into enviable ventures such as tech Startups.
Some never go back to crime and continue the legit path they established using stolen funds, Mike explained. “This Yahoo Yahoo business has a lot to do with luck, which is why some of them also rely on jazz (Nigerian slang for voodoo). When some make it, they don’t go back, but use the money they made to set up businesses for themselves and their spouses or family members.”
Back in February, the European Union added Nigeria and 22 other countries to a blacklist of nations seen as posing a threat because of lax controls on terrorist financing and money laundering. Despite this, some Nigerians believe that corruption has often had a positive effect on the economy, depending on how looted funds are laundered in the local economy.
In 2018, Nigeria attracted about $25 billion in foreign remittances, mostly from hardworking Nigerians with legitimate jobs living and working abroad. It is however plausible that some of the remittances may also include money illegally obtained via fraudulent means as the FBI investigation reveals.
Funds from Cyber Crimes create jobs and sustain thousands of businesses across the country. On Instagram, sole traders leveraging on e-commerce craze rake in millions selling all sorts of fashion items. They often rely on the flash of opulence displayed by social media celebrities suspected of engaging in cybercrimes to hawk their products. Most young social media addicts are inevitably attracted to such lifestyles and so want to also look the part.
Rags to riches to rags: Not every internet fraudster can boast of a happy ending. For most, after the first “hammer” (a slang for securing a major heist) the loot is splurged on flashy cars, women and other forms of luxury. The urge to splurge is often blamed on inferiority complex or simply extravagance, both culminating in an infectious display of opulence designed to intimidate and impress their admirers. Depending on the size of the loot, the money can last up to a year before the fraudster zeroes back to square one.
In one of several examples shared by Mike, one of the fraudsters who hammered complained about how he had mismanaged his loot on girls, expensive fashion and booze. He was begging a mutual friend to hire him as a driver. He had gone months without another hammer and was losing reputation among his friends, while all the girls he splurged on when he was on top had left him for more alluring colleagues. For now, he needs to at least get some money to feed himself and pay for his internet bills, as he looks out for another hammer.
Davoe wasn’t going to allow experiences like these deter him. As he arrived at the international airport in Nigeria, a brand new BMW car was waiting to pick him up. As promised, he drove straight down to meet up with his friends, who by then had racked up 6 figures in booze. By the time he arrived, he was accompanied by an entourage of ladies enough for himself and his friends. The night was just beginning.
[READ FURTHER: A list of things you should never borrow money to do]