CBN warns public over fraudulent messages targeting bank

The Central Bank of Nigeria (CBN) has issued an urgent public warning against a surge in fraudulent messages, emails, and online communications designed to compromise personal and business bank accounts. The alert, released by Acting Director of Corporate Communications Mrs. Hakama Sidi-Ali, signals growing cybersecurity threats across Nigeria's financial system—a critical concern for both retail depositors and institutional investors.

This warning arrives amid accelerating digital transformation in Nigeria's banking sector. As of 2024, mobile banking adoption has surged to over 45 million users, making fraud prevention a systemic priority. The CBN's alert underscores a fundamental risk: rapid fintech expansion without corresponding user awareness creates exploitation windows.

## What Types of Fraudulent Messages Are Targeting Nigerian Bank Accounts?

The CBN specifically flagged fake communications falsely claiming origin from the central bank itself or legitimate financial institutions. These typically include phishing emails requesting account verification, SMS messages prompting urgent password resets, or WhatsApp alerts claiming suspicious activity. Scammers impersonate bank staff, regulators, or payment platforms to extract credentials, OTPs, or personal identification data. The sophistication has increased—some fraudsters now spoof official CBN email domains and use deepfake voice calls to enhance credibility.

## Why Is Cybercrime Rising in Nigeria's Financial Sector?

Three structural factors amplify fraud vulnerability: (1) **Infrastructure gaps**—many users lack two-factor authentication or biometric security; (2) **Digital literacy deficits**—over 60% of Nigerian internet users lack formal cybersecurity training; (3) **Economic desperation**—rising unemployment and inflation (hovering near 35% year-on-year) drive both fraud attempts and victim vulnerability. Additionally, Nigeria's fintech boom has attracted regional and international cybercriminals exploiting regulatory arbitrage.

## How Can Investors Protect Themselves?

Institutional investors must implement multi-layered defenses: verify all communications through official bank channels (call the bank's published phone number directly), enable biometric and hardware-token authentication, monitor accounts for unauthorized access, and report suspicious activity immediately to both their bank and the CBN's cybercrime division. For diaspora investors managing Nigerian assets remotely, using VPNs and avoiding public WiFi during transactions is non-negotiable.

The CBN has also directed all commercial banks to strengthen customer communication protocols—marking a rare admission of systemic weakness. This regulatory pivot signals the central bank recognizes that fraud erodes depositor confidence, threatens financial stability, and undermines investor appetite for Nigeria's banking sector.

**Market Implications:** Cybersecurity incidents historically correlate with bank stock underperformance in emerging markets. Nigerian banks exposed to significant fraud losses (Zenith Bank, GTB, Access Bank) have faced margin compression and regulatory fines. Investors should scrutinize bank disclosures on fraud provisions and cybersecurity capex in Q1 2025 earnings calls. Conversely, fintech platforms offering superior fraud detection (Flutterwave, Paystack competitors) may capture market share as institutional trust shifts.

The CBN's proactive communication suggests regulatory maturity—a positive signal for governance. However, the rising frequency of alerts indicates the problem is *accelerating*, not stabilizing.

---

##