199
By Lizzy Chirkpi
The Nigeria Police Force National Cybercrime Centre (NPF–NCCC), working jointly with the United States Federal Bureau of Investigation (FBI) and the US Secret Service, has apprehended three alleged high-profile cybercriminals in Lagos and Edo States respectively.
The suspects are accused of executing targeted cyber-attacks on the email platforms of major Nigerian corporate organisations, compromising data and causing financial losses.
Force Public Relations Officer, CSP Benjamin Hundeyin, announced the development in a statement on Thursday, revealing that the group carried out the attacks “through the deployment of phishing links and malicious software.”
According to the statement, the coordinated arrests followed credible intelligence from Microsoft Corporation and the FBI, which exposed the use of a highly advanced phishing tool called “RaccoonO365.”
Hundeyin explained that the phishing toolkit was allegedly built to generate fake Microsoft authentication pages designed to steal login credentials and illegally infiltrate email systems belonging to corporate, educational and financial institutions.
He said: “Consequently, the NPF–NCCC initiated a coordinated, intelligence-driven operation in collaboration with Microsoft, the FBI, and the United States Secret Service.”
Investigators traced several cases of unauthorised Microsoft 365 access recorded between January and September 2025 to phishing emails carefully disguised to look like authentic Microsoft login prompts. These operations reportedly resulted in data breaches, business email compromises, and sizable financial losses across different regions.
Hundeyin continued: “Acting on precise and actionable intelligence, NPF–NCCC operatives were deployed to Lagos and Edo States, leading to the arrest of three suspects.”
He said a search of their homes led to the confiscation of laptops, mobile phones and other digital hardware which, after forensic assessment, were tied to the fraudulent scheme.
Further investigations identified one of the suspects, Okitipi Samuel also known as “RaccoonO365” and “Moses Felix” as the alleged mastermind behind the phishing network.
Investigators found that he operated a Telegram channel where he sold phishing links for cryptocurrency and hosted fake login pages on Cloudflare using stolen or illegally obtained email credentials.
Hundeyin added that no evidence linked the other two arrested individuals to the development or management of the phishing platform itself.
The Force restated its readiness to combat cybercrime, saying: “The Nigeria Police Force reaffirms its steadfast commitment to safeguarding Nigeria’s digital space through the deployment of advanced technology, strengthened international partnerships, and diligent investigative and prosecutorial processes aimed at effectively countering evolving cyber threats.”