The Central Bank of Nigeria (CBN) has issued a fresh warning to the public about fraudulent messages, emails, and online communications that falsely claim to originate from the apex bank. These deceptive communications are designed to mislead Nigerians and compromise personal and financial accounts.
In a statement signed by Hakama Sidi-Ali, Acting Director of Corporate Communications, the CBN said the alert aims to protect Nigerians from cybercriminals who are circulating fake messages in the bank's name. The statement reads in part: "The Central Bank of Nigeria (CBN) wishes to alert members of the public to the circulation of fraudulent messages, emails, and online communications purporting to originate from or be associated with the Bank, which are intended to misinform members of the public. These fraudulent messages, which prompt recipients to click links, peddle false information about the Bank's leadership, licensing, and policy issues, and are intended to hack personal accounts."
Common Fraud Tactics Identified by CBN
The CBN highlighted phishing as one of the most common threats, where fraudsters impersonate trusted organisations through emails, text messages, or phone calls to steal passwords, bank details, and other sensitive information. The bank advised Nigerians never to click suspicious links and to verify the identity of anyone requesting confidential information, according to Leadership reports.
Online shopping scams were also flagged, with the CBN urging consumers to buy only from trusted websites, ensure payment pages use secure "https://" connections, and check reviews before making purchases. On investment scams, the CBN cautioned against offers promising unusually high returns with little or no risk, including fake cryptocurrency and Ponzi schemes. It advised prospective investors to conduct proper research and seek professional financial advice before investing.
Tips to Avoid Falling Victim
The CBN shared several tips to help Nigerians avoid fraud and scams. These include using strong and unique passwords, enabling two-factor authentication, shredding sensitive documents before disposal, and regularly monitoring bank accounts for unauthorised transactions. The bank also warned against identity theft and social engineering scams, where criminals manipulate victims into revealing confidential information by pretending to be government officials, colleagues, or relatives in distress.
To reduce the risk of fraud, the CBN encouraged Nigerians to stay vigilant and verify all information through its official website. The bank also advised reporting fake websites, emails, and messages to law enforcement agencies immediately.
Steps for Fraud Victims
The CBN advised anyone who suspects they have fallen victim to fraud to contact their financial institution immediately to secure their accounts and reverse unauthorised transactions where possible. Victims are also urged to report incidents to law enforcement agencies, including the Economic and Financial Crimes Commission (EFCC), the Nigeria Police Force, the Department of State Services (DSS), the Independent Corrupt Practices and Other Related Offences Commission (ICPC), or, in cases involving international cybercrime, the United States Federal Bureau of Investigation's Internet Crime Complaint Centre.
The bank also advised affected individuals to change compromised passwords immediately and enable two-factor authentication to improve the security of their online accounts. The CBN reaffirmed its commitment to protecting the Nigerian financial system, stating that it continues to strengthen its cybersecurity frameworks in collaboration with relevant agencies to combat digital fraud.
Previous Warnings from Financial Institutions
Earlier, Ecobank Nigeria issued a warning to customers over new cyber threats, urging vigilance against fake banking apps and deceptive pop-ups designed to steal personal information. In a public advisory, the bank said that scammers are creating clone banking apps and pop-ups that mimic legitimate banking platforms. Once installed, these fraudulent apps can access users’ phones and steal sensitive information, including PINs, passwords, and one-time passwords (OTPs), which can be used to carry out unauthorised fund transfers.



