The Nigeria Police Force National Cybercrime Centre (NPF–NCCC) has arrested a suspected high-profile internet fraudster linked to coordinated cyberattacks on Microsoft 365 email systems used by major corporate organisations.
The Force Public Relations Officer, Benjamin Hundeyin, disclosed this in a statement on Thursday, stating that the arrest followed credible intelligence provided by Microsoft Corporation in the United States through the Federal Bureau of Investigation (FBI).
According to Hundeyin, investigations revealed that the suspect deployed a sophisticated phishing toolkit known as RaccoonO365, designed to create fake Microsoft login portals to harvest user credentials and gain unauthorised access to corporate, financial, and educational email platforms.
“The toolkit was used to unlawfully access Microsoft 365 accounts through fraudulent login pages that closely mimicked legitimate Microsoft authentication portals,” Hundeyin said.
He explained that the police launched a coordinated, intelligence-led operation in collaboration with Microsoft, the FBI, and the U.S. Secret Service after tracking a series of cyber incidents recorded between January and September 2025.
“Investigations traced multiple cases of unauthorised access to Microsoft 365 accounts to phishing emails that resulted in business email compromise, data breaches, and financial losses across several jurisdictions,” he added.
Hundeyin said operatives of the NPF–NCCC were deployed to Lagos and Edo states, where three suspects were arrested.
Searches conducted at their residences led to the recovery of laptops, mobile phones, and other digital devices linked to the cyber fraud scheme through forensic analysis.
Further investigations identified Okitipi Samuel, also known as RaccoonO365, alongside Moses Felix, as the principal suspects behind the phishing infrastructure.
Hundeyin said Samuel was the developer of the phishing toolkit and operated a Telegram channel where phishing links were sold in exchange for cryptocurrency.
He added that the suspect hosted fraudulent login portals on Cloudflare using stolen or fraudulently obtained email credentials.
However, investigations found no evidence connecting the two other arrested individuals to the development or operation of the phishing scheme.
Hundeyin reaffirmed the Nigeria Police Force’s commitment to protecting the country’s digital environment, stressing that the force would continue to deploy advanced technology, strengthen international cooperation, and pursue thorough investigations and prosecutions to combat emerging cyber threats.
The Chairman of the All Progressives Congress (APC) in Ondo State, Ade Adetimehin, has narrated…
The Federal Institute of Industrial Research, Oshodi (FIIRO), has raised concerns over the potential health…
No fewer than six persons have been confirmed dead, while three others were injured in…
Temu has reaffirmed its commitment to protecting users’ personal information as Nigeria’s data protection regulator…
President Bola Tinubu on Tuesday launched Nigeria’s Industrial Policy 2025, urging government agencies to ensure…
The House of Representatives has approved both electronic and manual modes of transmitting election results…
This website uses cookies.