Police, FBI and US Secret Service Arrest Internet Fraud Suspects in Nigeria

The Nigeria Police Force, in collaboration with the United States Federal Bureau of Investigation and the US Secret Service, has arrested three suspected internet fraudsters in Lagos and Edo states over alleged cybercrime activities.

The arrests were carried out by operatives of the Nigeria Police Force National Cybercrime Centre following intelligence linking the suspects to targeted cyber-attacks on the email systems of major corporate organisations, largely within Nigeria.

According to a statement issued on Thursday by the Force Public Relations Officer, CSP Benjamin Hundeyin, the suspects allegedly carried out the attacks using phishing links and malicious software. The operation followed credible intelligence received from Microsoft Corporation and the FBI, which revealed the use of a sophisticated phishing toolkit known as RaccoonO365.

Hundeyin explained that the toolkit was designed to create fake Microsoft login portals to harvest user credentials and gain unauthorised access to the email platforms of corporate, financial and educational institutions. He said investigations traced multiple cases of unauthorised Microsoft 365 account access between January and September 2025 to phishing emails crafted to closely resemble legitimate Microsoft authentication pages.

The cyber activities reportedly led to business email compromise, data breaches and financial losses across several jurisdictions. Acting on the intelligence, operatives of the NPF–NCCC were deployed to Lagos and Edo states, where three suspects were arrested.

Searches conducted at the suspects’ residences led to the recovery of laptops, mobile phones and other digital devices, which forensic analysis linked to the fraudulent operation. Further investigations identified Okitipi Samuel, also known as “RaccoonO365” and “Moses Felix,” as the principal suspect and developer of the phishing infrastructure.

Police said he allegedly operated a Telegram channel through which phishing links were sold in exchange for cryptocurrency and hosted fake Microsoft login portals on Cloudflare using stolen or fraudulently obtained email credentials. However, investigators found no evidence linking the two other suspects to the development or operation of the phishing scheme.

The Nigeria Police Force reaffirmed its commitment to protecting Nigeria’s digital environment through advanced technology, strong international cooperation and thorough investigative and prosecutorial efforts to combat emerging cyber threats.