As early as 2012, Trend Micro predicted that we would see a cybercriminal underground market emerge from the region. What are cybercriminals up to in this part of the world, especially in West Africa? The arrest of the mastermind behind Limitless following the joint efforts of INTERPOL and the Nigerian Economic and Financial Crime Commission, aided by security vendors including Trend Micro, showed that the threat of cybercrime from West Africa is growing. To more clearly map the landscape, INTERPOL conducted a survey among its member countries in West Africa. The survey results, combined with Trend Micro research findings, revealed that West African cybercriminals are experts in committing crimes against individuals and businesses, aided by very clever social engineering tactics.
Two major types of cybercriminals reign in West Africa—so-called “Yahoo boys” and “nextlevel cybercriminals.” Yahoo boys excel in committing simple types of fraud (advancefee, stranded-traveler and romance scams/fraud) under the supervision of ringleaders or masterminds. Next-level cybercriminals, meanwhile, are more experienced and prefer to pull off “long cons” (business email compromise [BEC] and tax scams/fraud) or crimes that require more time, resources, and effort. They use malware (keyloggers, remote access tools/Trojans [RATs], etc.) and other crime-enabling software (email-automation and phishing tools, crypters, etc.) that are easily obtainable from underground markets.
Cybercriminals are bound to continue honing their know-how, skill sets, and arsenals to slowly but surely form their own community. There may not be a West African cybercriminal underground market now, but cybercrime is definitely an issue in the region. This can be seen from the constant increase in the volume of cybercrime-related complaints targeting both individuals and businesses that law enforcement agencies in the region receive, as shown by the INTERPOL survey.
The full text of the report here.