The Nigeria Police Force National Cybercrime Centre (NPF–NCCC) has arrested a suspected high-profile internet fraudster linked to coordinated cyberattacks on Microsoft 365 email systems used by major corporate organisations.
The Force Public Relations Officer, Benjamin Hundeyin, disclosed this in a statement on Thursday, stating that the arrest followed credible intelligence provided by Microsoft Corporation in the United States through the Federal Bureau of Investigation (FBI).
According to Hundeyin, investigations revealed that the suspect deployed a sophisticated phishing toolkit known as RaccoonO365, designed to create fake Microsoft login portals to harvest user credentials and gain unauthorised access to corporate, financial, and educational email platforms.
“The toolkit was used to unlawfully access Microsoft 365 accounts through fraudulent login pages that closely mimicked legitimate Microsoft authentication portals,” Hundeyin said.
He explained that the police launched a coordinated, intelligence-led operation in collaboration with Microsoft, the FBI, and the U.S. Secret Service after tracking a series of cyber incidents recorded between January and September 2025.
“Investigations traced multiple cases of unauthorised access to Microsoft 365 accounts to phishing emails that resulted in business email compromise, data breaches, and financial losses across several jurisdictions,” he added.
Hundeyin said operatives of the NPF–NCCC were deployed to Lagos and Edo states, where three suspects were arrested.
Searches conducted at their residences led to the recovery of laptops, mobile phones, and other digital devices linked to the cyber fraud scheme through forensic analysis.
Further investigations identified Okitipi Samuel, also known as RaccoonO365, alongside Moses Felix, as the principal suspects behind the phishing infrastructure.
Hundeyin said Samuel was the developer of the phishing toolkit and operated a Telegram channel where phishing links were sold in exchange for cryptocurrency.
He added that the suspect hosted fraudulent login portals on Cloudflare using stolen or fraudulently obtained email credentials.
However, investigations found no evidence connecting the two other arrested individuals to the development or operation of the phishing scheme.
Hundeyin reaffirmed the Nigeria Police Force’s commitment to protecting the country’s digital environment, stressing that the force would continue to deploy advanced technology, strengthen international cooperation, and pursue thorough investigations and prosecutions to combat emerging cyber threats.
The Kaduna State Government has recruited 1,800 health personnel to enhance quality healthcare service delivery…
Dangote Petroleum Refinery has introduced a dedicated hotline for Nigerians to report any MRS Oil…
The Federal Government has approved the introduction of mandatory pre-employment drug testing for prospective applicants…
Nigeria’s technology and telecommunications company, Globacom, has conveyed warm Christmas greetings to Christians in Nigeria…
As part of efforts to ensure a safe and secure yuletide season, Operation Sweep, a…
Kaduna State Governor, Uba Sani, has signed the 2026 Appropriation Bill into law, with education…
This website uses cookies.