Banks and financial institutions across Nigeria have issued renewed security warnings to customers following a sharp rise in sophisticated cyber fraud schemes targeting mobile and internet banking platforms.

Security experts say criminal networks are increasingly abandoning low-level scams in favour of coordinated, high-value operations that rely on advanced social engineering techniques, phishing kits, and SIM-swap fraud to bypass conventional security systems and gain unauthorized access to customer accounts.

Data from the Nigeria Inter-Bank Settlement System (NIBSS) shows a troubling evolution in the country’s cybercrime landscape. While reported fraud incidents slightly declined from 70,111 to 67,518 over the past year, analysts warn that the financial impact of successful attacks has increased significantly.

A recent Central Bank of Nigeria (CBN) industry assessment indicates that more than half of all banking fraud now occurs through digital channels, with mobile and internet banking platforms identified as the most exposed entry points. Experts attribute the trend to the rapid expansion of cashless transactions, which has expanded the attack surface for cybercriminals who now follow financial activity into digital ecosystems rather than targeting physical banking systems.

Cybersecurity intelligence reports show that modern fraud operations increasingly combine phishing and SIM-swap techniques to defeat multi-factor authentication protections.

In phishing attacks, victims are tricked through highly convincing messages, emails, or phone calls that impersonate banks or regulatory agencies. These messages are designed to extract sensitive information such as login credentials, PINs, or card details.

Once attackers obtain enough personal data, they may initiate a SIM-swap attack by deceiving mobile network operators into transferring a victim’s phone number to a SIM card controlled by the fraudsters. In some cases, this process is facilitated by insider compromise at telecom retail points.

When the swap is successful, the victim loses network access entirely, while the attacker gains control of incoming calls and SMS messages, including one-time passwords used for transaction verification. This allows criminals to reset banking credentials and drain accounts within minutes.

In response, financial institutions in Nigeria are deploying more advanced fraud detection systems powered by artificial intelligence to identify suspicious transactions in real time. Several tier-one banks say these systems have already helped prevent large-scale financial losses by flagging abnormal account activity before transactions are completed.

Banks are also working with telecommunications providers to strengthen identity verification processes aimed at reducing SIM-swap fraud, while regulatory bodies continue to push for stronger cross-sector coordination on digital identity security.

The Central Bank of Nigeria and cybersecurity experts have urged customers to remain vigilant and adopt stronger personal security habits. They advise users to treat unsolicited messages and urgent requests with caution, avoid clicking unknown links, and never share banking credentials through phone calls or messages, stressing that legitimate banks do not request such information.

They also recommend immediate reporting of sudden network loss or unexplained SIM deactivation, as these could indicate a SIM-swap attempt, and encourage users to adopt more secure authentication methods such as biometric verification or authenticator applications instead of SMS-based one-time passwords.