Essential Insights
- A 37-year-old Nigerian man, Matthew Akande, was sentenced to 8 years for leading a five-year cybercrime ring that stole over $1.3 million via fraudulent U.S. tax refunds, involving more than 1,000 false claims totaling $8.1 million.
- Akande and co-conspirators hacked into tax firms, stole client data, and used phishing emails with malware to facilitate the scheme, with victims primarily located in Massachusetts.
- After his arrest at Heathrow and extradition to the U.S., Akande pleaded guilty to multiple charges including wire fraud, unauthorized computer access, and identity theft.
- Prosecutors ordered Akande to pay nearly $1.4 million in restitution, and the scheme involved transferring stolen funds across U.S. and Mexican accounts, highlighting transnational cybercrime operations.
Underlying Problem
Matthew Abiodun Akande, a 37-year-old Nigerian man, was sentenced to eight years in prison after participating in a five-year cybercrime operation. According to the Justice Department, Akande and at least four co-conspirators targeted U.S. tax agencies by hacking into tax preparation firms’ networks. They stole clients’ sensitive data and filed over 1,000 fraudulent tax returns, claiming more than $8.1 million in bogus refunds. Notably, Akande also sent phishing emails to Massachusetts-based firms, tricking employees into downloading malware like Warzone RAT, which further facilitated their access. The scheme resulted in more than $1.3 million being illegally obtained, with funds deposited into U.S. bank accounts and later transferred to Mexico, where Akande was residing.
The incident was exposed when Akande was arrested at Heathrow Airport in 2024 and extradited to the U.S. in 2025. Prosecutors outlined his involvement in conspiracy, wire fraud, identity theft, and other crimes, emphasizing his role in directing stolen funds to be withdrawn and transferred internationally. His co-conspirators included individuals in the U.S. and in North Dakota, with some of the stolen money being handed over to third parties in Mexico. Despite claims from his lawyer that Akande did not live luxuriously in Mexico, prosecutors ordered him to pay nearly $1.4 million in restitution. The case was reported by the Justice Department, which confirmed Akande’s criminal activities and subsequent sentencing.
What’s at Stake?
The case of a Nigerian man receiving an eight-year prison sentence for running a fraudulent tax refund scheme highlights a serious risk that any business can face: criminal schemes targeting financial processes. Such schemes can cause countless damages, including financial loss, reputational harm, and legal consequences. If your business becomes unknowingly involved or targeted, it might suffer from significant monetary penalties, damaged trust with customers and partners, and costly legal battles. Furthermore, these incidents can disrupt daily operations, strain resources, and tarnish your brand’s integrity. Therefore, it is crucial to establish strong internal controls, remain vigilant against fraud, and ensure compliance, since otherwise, similar schemes could happen to your business, leading to devastating consequences.
Fix & Mitigation
Addressing cyber threats promptly is crucial to minimize damage, prevent further exploitation, and restore trust. In the case of a Nigerian man sentenced for running a fake tax refund scheme, swift and effective remediation is vital to prevent similar incidents and uphold regulatory compliance.
Risk Identification
- Conduct comprehensive threat detection to identify compromised systems and points of infiltration.
- Review logs and audit trails to understand the extent of the scheme.
Containment
- Isolate affected systems to prevent the spread of malicious activity.
- Disable compromised accounts or access points immediately.
Eradication
- Remove malicious software, tools, or fraudulent scripts from affected devices.
- Patch vulnerabilities exploited during the attack, including software and configurations.
Recovery
- Restore systems and data from secure backups, verifying integrity before reintegration.
- Re-establish normal operations carefully to avoid recurrent issues.
Notification & Reporting
- Inform relevant regulatory agencies and stakeholders as per legal requirements.
- Communicate transparently with affected clients or partners about the breach.
Post-Incident Analysis
- Conduct a lessons-learned review to understand weaknesses and improve defenses.
- Update security policies and controls based on findings.
Training & Awareness
- Educate staff on recognizing phishing and social engineering tactics used in schemes.
- Promote best practices for secure handling of sensitive information.
Policy Enforcement
- Strengthen authentication protocols, such as multi-factor authentication.
- Implement strict access controls and regular review of permissions.
Continuous Monitoring
- Deploy advanced security tools for ongoing surveillance of network activity.
- Regularly test incident response plans and conduct simulations.
Continue Your Cyber Journey
Stay informed on the latest Threat Intelligence and Cyberattacks.
Explore engineering-led approaches to digital security at IEEE Cybersecurity.
Disclaimer: The information provided may not always be accurate or up to date. Please do your own research, as the cybersecurity landscape evolves rapidly. Intended for secondary references purposes only.
Cyberattacks-V1cyberattack-v1-multisource
