Categories: General

Digital Assets Fraud in Nigeria

Cybercriminals are constantly looking for new ways to defraud and harm organizations and individuals in Nigeria as a result of digitization and globalization. Organizations and individuals must be wary of the risks posed by these cybersecurity threats.

INTRODUCTION                 

With the growing popularity of online investing, there is an increasing concern about online fraud. Various studies are being conducted to discover the reasons for this online fraud. The most notable of these studies is ACI, which concludes that the rate of online fraud is increasing. And the annual increase is approximately 28.32 per cent.

A digital asset is anything that is stored digitally and is uniquely identifiable that organizations can use to realize value. Examples of digital assets include documents, audio, videos, logos, slide presentations, spreadsheets, cryptocurrencies, Non-Fungible Tokens (NFTs), and websites. 

The emergence and growth of the digital world have brought about the utilization and usage of digital assets by various individuals in society.  However, with this development in the digital world, there are also risks attached to the usage of digital assets. Fraudulent activities that are carried out within the digital space against digital assets can be referred to as digital assets fraud, these activities may include; phishing, pharming, skimming, malware attacks, etc.

Digital assets fraud is a form of cybercrime and in order to adequately mitigate the effect of digital assets fraud, cybersecurity laws and protocols must be enhanced to address the arising issues in the digital space.

This article discusses various forms of cyber fraud and discusses mechanisms that can be put in place to prevent such fraud.

Forms of Cyber Threats faced in Nigeria

  1. Phishing

Phishing is a type of cybercrime in which a target or targets are contacted via email, phone, or text message by someone impersonating a legitimate institution in order to trick individuals into providing sensitive data such as personally identifiable information, banking and credit card information, and passwords.

Phishing attacks have become much more prevalent in recent years, with attackers becoming more convincing in their impersonation of actual business contacts. Work Email Compromise has also increased, with bad actors using phishing campaigns to obtain business email account passwords from high-ranking executives, and then falsely requesting money from staff using these accounts.

The difficulty in stopping phishing attacks contributes to their danger. They use social engineering to target humans within a company rather than addressing technological flaws. However, there are technological countermeasures to phishing attacks.

Some ways in which a person can detect a phishing message include;

  1. Lucrative offers and eye-catching or attention-grabbing statements are intended to immediately capture people’s attention. for example, a message stating that you have won an iPhone, the lottery, or some other lavish prize. Simply do not open any suspicious emails. Remember that if something appears to be too good to be true, it most likely is!
  2. Cybercriminals frequently ask you to act quickly because the super deals are only available for a limited time. Some will even tell you that you only have a few minutes to respond. When you receive such emails, it is best to simply ignore them. They may occasionally inform you that your account will be suspended unless you immediately update your personal information. Most reputable organizations provide ample notice before terminating an account and never require customers to update personal information over the Internet. When in doubt, go directly to the source rather than clicking a link in an email.
  3. Whether it appears to be from someone you don’t know or someone you do know, if anything seems out of the ordinary, unexpected, out of character, or simply suspicious, don’t open such links.
  • Pharming

Cybercriminals use this method to hijack a service provider’s web address. When a user types in a Web address, it is automatically redirected to a fraudulent Web site without his knowledge or consent. The website will appear legitimate in order to capture unsuspecting victims’ card confidential information, such as PIN, card numbers, and token details.

  • Malware Attacks

Malware attacks pose a serious threat to businesses. It includes a wide range of cyber threats, such as trojans and viruses. It’s a catch-all term for malicious malware written by hackers to gain network access, steal data, or destroy data on computers. Malware is typically distributed through malicious website downloads, spam emails, or connecting to infected computers or devices.

Having strong technological defences in place can assist businesses in avoiding malware attacks in Nigeria. Endpoint Protection systems protect devices from malware downloads and provide administrators with a centralized control panel from which to manage devices and ensure that all users’ security is up to date. Web security is also important because it prevents people from visiting dangerous websites and downloading dangerous software.

  • Skimming

It is the fraudulent collection of payment card information using a small electronic device known as a skimmer. The device, which is usually attached to an ATM or a Point-of-Sale terminal, allows e-fraud perpetrators to capture customer card information, including the PIN. With the advent of wireless technology, criminals can now remotely download stolen data without physically visiting the terminals.

  • Account Takeover

This happens when an e-fraud perpetrator takes over another person’s account, first by gathering personal information about the intended victim via Phishing, Pharming, Skimming, or any other fraudulent means, and then contacting the card issuer (Financial Institutions) while impersonating the genuine cardholder and requesting a replacement of a lost card. A new card will be issued to the fraudster, and it will be used to commit various e-frauds against the victim.

Impact of Cyber-Attacks

  1. Data Privacy Breach

Data protection and privacy laws provide for the security of any personal information. With the prevalence of cyber-attacks sensitive data is compromised and if proper security measures are not implemented such data can be shared with the public or an unauthorized 3rd Party.

  • Financial Loss

Digital assets fraud leads to the loss of assets which has monetary value, the legitimate owner of such assets usually losses all or part of the assets with little or no monetary consideration for the loss. The loss can occur by way of theft, hack, scam, phishing, etc.

  • Reduces Confidence/Trust in cyber safety

Customer relationships necessitate a high degree of trust. Cyber-attacks can damage a company’s brand and erode your customers’ trust in you. As a result, it is possible that:

  1. Customers withdraw.
  2. Profit reduction due to sales loss.

Reputational damage can have an impact on suppliers as well as relationships with partners, investors, and other stakeholders.

How To Prepare Against Cyber-Threats

A security breach can destroy even the most resilient businesses. It is critical to appropriately manage the risks.

  1. Create a security strategy to evaluate and categorize the data you handle, as well as the types of security required by your organization.
  2. Perform security audits regularly.
  3. Make cybersecurity education a top priority.
  4. Inform and educate personnel about data security and security protocols.
  5. Encrypt critical data and implement two-factor authentication for system access.
  6. Regularly invest in, install, and update cybersecurity tools such as antivirus software, firewalls, and additional privacy tools.
  7. To protect yourself from ransomware, keep a backup of sensitive data.
  8. Hire cybersecurity engineers who can identify and manage system vulnerabilities.

Tips to Prevent Digital Assets Fraud

Several factors can aid in the prevention of online fraud and the preservation of digital assets. The following are important ways to protect yourself from such scams:

  1. QR Code:

Never fall into the trap of scanning unknown QR codes to protect yourself from code scan fraud. Also, do not click on any unknown links sent to you via SMS or email.

  • Authentication:

Use the two-factor authentication system for all of your online accounts, which sends SMS notifications if anyone tries to log in to your account. When you try to log in with this feature, you will receive an OTP to complete the process.

  • Applications:

Always ensure to download applications from legitimate official websites. Do not install apps from links sent to you via email or SMS.

  • Password:

Using the same password for almost all of your accounts put such accounts at risk because if you use the same password for all of your accounts, hackers will have easy access to all of them.

  • Cross-Check

Always double-check the legitimacy of any new Crypto or any other digital assets that enter the market. Do not follow trends and acquire a digital asset because the majority of the public acquired such asset.

CONCLUSION

Cybercriminals are constantly looking for new ways to defraud and harm organizations and individuals in Nigeria, as a result of digitization and globalization. Organizations and individuals must be wary of the risks posed by these cybersecurity threats.

Individuals can best protect themselves against these threats by implementing a comprehensive set of security measures and utilizing Security Awareness Training, to ensure that they are well aware of security threats and adequately equipped on how to avoid them. Proactive measures will alert you against potential hazards and strategies for mitigating their effects. It is almost impossible to avoid this system in an age when everything is going online. It is, therefore, essential for every individual to be informed of the protection mechanism available for digital assets.

AUTHOR: Oyetola Muyiwa Atoyebi, SAN, FCIArb. (UK).

Mr. Oyetola Muyiwa Atoyebi, SAN is the Managing Partner of O. M. Atoyebi, S.A.N & Partners (OMAPLEX Law Firm) where he also doubles as the Team Lead of the Firm’s Emerging Areas of Law Practice.

Mr. Atoyebi has expertise in and vast knowledge of the law and this has seen him advise and represent his vast clientele in a myriad of high-level transactions.  He holds the honour of being the youngest lawyer in Nigeria’s history to be conferred with the rank of a Senior Advocate of Nigeria.

He can be reached at atoyebi@omaplex.com.ng

CONTRIBUTOR: Romeo Pupu.

Romeo is a member of the Dispute Resolution Team OMAPLEX Law Firm. He also holds commendable legal expertise in cybersecurity.

He can be reached at romeo.osogworume@omaplex.com.ng.

lawpavilion

View Comments

Recent Posts

Industrial Court validates Staff Employment Termination over NYSC Certificate

Hon. Justice Sinmisola Adeniyi of the Abuja Judicial Division of the National Industrial Court has…

6 days ago

FRN v. AKAEZE: Criminal Investigation Simplified (2)

By Ebun-Olu Adegboruwa, SAN The main responsibility of the court is to interpret the law…

7 days ago

The Duty of ‘Law’ as an Instrument of ‘Social Justice’ For ‘Peace’ to Reign

ByAmb. Hameed Ajibola Jimoh, Esq. FIGPCM, CGARB. (CERTIFIED GLOBAL PEACE AND CONFLICT RESOLUTION AND MANAGEMENT…

1 week ago

Is Service of Pre-Action Notice a Contradiction to the Constitutional Right of Access to Court?

CASE TITLE: ORIENTAL ENERGY RESOURCES LTD v. NICON INSURANCE PLC (2024) LPELR-61988(CA) JUDGMENT DATE: 25TH…

2 weeks ago

Copyright Infringement, Defences & Remedies Under Nigerian Law

The body of law for copyright protection in Nigeria is the Copyright Act 2022 and judicial decisions…

2 weeks ago

The Legality of Indefinite Suspension of an Employee

What is the Meaning of Indefinite Suspension? Suspension is the placement of an employee in…

2 weeks ago