Report Cybercrime in Nigeria — Free Guide

Document everything immediately. Take screenshots of all messages, emails, transaction receipts, error screens, and suspicious links. Save bank statements showing unauthorized transactions. Write down dates, times, and amounts. This evidence is critical for every report you'll file.

Report to Nigeria Police Force (NPF) Cybercrime Unit. Visit the nearest police station and file a formal complaint. Ask specifically for the cybercrime desk. You can also report online through the NPF complaint portal. Get a case number — you'll need it for your bank.

Report to EFCC (Economic and Financial Crimes Commission). For financial fraud, BEC scams, romance scams, and investment fraud. Report online at efcc.gov.ng or visit any EFCC zonal office. The EFCC handles most cyber fraud cases in Nigeria.

Report to NITDA (National Information Technology Development Agency). For data breaches, website hacking, and IT infrastructure attacks. NITDA is Nigeria's tech regulator. Report at nitda.gov.ng — especially important for organizations whose data was compromised.

Contact ngCERT (Nigeria Computer Emergency Response Team). For active cyberattacks on organizations — ransomware, network intrusions, website defacement. ngCERT coordinates national cyber incident response. Report at cert.gov.ng.

Report to your bank's fraud desk. Every Nigerian bank has a fraud/dispute resolution unit. Call them immediately. Request a transaction reversal. Ask for a written acknowledgment of your complaint. Under CBN guidelines, banks must investigate within 72 hours.

If it's a social media scam: Report the account on the platform (Instagram, Facebook, WhatsApp, Twitter). Block the scammer. If they're impersonating someone, report for impersonation. Use TeraDef's Social Recovery tool for step-by-step platform-specific guides.

BEC / Business Email Compromise. Attackers impersonate your boss, vendor, or partner via email and request urgent wire transfers. Always verify payment requests by phone — never trust email alone.

Romance scams. Fake profiles on dating apps and social media build trust over weeks, then ask for money. If someone you've never met asks for money — it's a scam.

Fake investment platforms. Promises of 30-50% monthly returns. No legitimate investment offers this. If it sounds too good to be true, it is.

SIM swap attacks. Criminals convince your mobile carrier to transfer your number to their SIM, then drain your bank accounts via mobile banking. Contact your carrier immediately if your phone loses signal unexpectedly.

WhatsApp OTP hijacking. Someone asks you to share a 6-digit code "sent by mistake." That code is your WhatsApp verification — sharing it gives them your account. Never share OTP codes with anyone.

Change all passwords — email, banking, social media. Use a unique password for each account.

Enable Two-Factor Authentication (2FA) on every account — use an authenticator app, not SMS.

Check your email in TeraDef's free Breach Check — see if your credentials have been leaked.

Contact your mobile carrier and add a PIN/password requirement for SIM changes.

Never share OTP codes, PINs, or passwords with anyone — no bank or company will ever ask for these.