It used to be Nigerian Princes (Yahoo Yahoo boys) selling non-existent properties or entities to greedy people, or the ones who genuinely want to invest in Nigeria’s budding economy. Now, it has morphed into a full-blown cultural system of the tech-smart, and the shortcut enthusiasts. It is a result of unemployment, ignorance, poverty, showbiz lovers, and an attempt to fight a system that does not care for its citizens.
None of those reasons is justifiable, but it will take more than an article, a town hall meeting or a TED talk to change the disposition of anyone who decides ‘it is time to start stealing from those abroad.’
“Dear beloved,” the Nigerian Prince, now referred to as the Yahoo Yahoo boy, will write. “I’m a Prince from Edo, Nigeria, coming to you with an incredible investment opportunity. There is a massive land property the Kingdom wants to sell and I can help you acquire it. I will only need a cash advance to convince some other people to look away from the land.” He goes on to explain why the receiver should not miss this opportunity and is usually elaborate with the details.
The Nigerian Prince is a variation on the centuries-old Spanish prisoner swindle, an advance-fee scam that emerged after the French Revolution, where people sent handwritten letters soliciting help for a (non-existent) nobleman falsely imprisoned.
Yahoo Yahoo first went global in the 1980s when West African fraudsters began snail-mailing scam letters around the world.
Before then, it was a herbalist selling drugs that could heal all the thinkable ailments with just one pill. And all these still thrive.
In 2018, internet fraud got more than $700,000 from Americans alone.
Except that the Yahoo Yahoo boy has become a distant lover who uses iPhones and MAC laptops to communicate with his ‘lover.’ That Nigerian Prince might now be a South African banker, for example, or a U.S. soldier in the Middle East.
But the term has stuck as a catchall for international “advance fee” frauds.
A typical Nigerian internet fraud
It is not as easy to identify an internet fraudster knowing that their fashion styles are not particular to them, and nor is their use of expensive gadgets or cars or accommodation. But, their regular expensive lifestyles arguably say something.
It will take intelligence from relevant agencies and a court to understand that an individual is an internet fraudster.
The Yahoo Yahoo boy will prey on those looking for romantic relationships, generally through dating platforms, or social media, posing as potential partners. He will then use emotional manipulation to get into the head of the love seeker to persuade them to provide monetary items or personal information.
In their circle and now on social media, the lingo is vast and ever-expanding: from words like ‘streets’ to ‘clients’ to ‘updates’ to ‘cashout.’ These terminologies are spread further by people in the entertainment industry.
Indeed, these days, many families, religiously conservative or not, have one Yahoo Yahoo boy. And, while we see the men most, there are women joining the circle; some already joined as the front to the lover, as the men cannot have video calls with their lovers.
Romance scams are just one in the Yahoo Yahoo mix and do not rake in as much. Some others include identity theft, credit card fraud, government benefits, business/personal loans, and tax fraud.
From Nigerians, there is no definite number, except reports including the arrest of 35 Nigerians In Texas For $117 million fraud, 77 Nigerians were arrested for participating in a massive conspiracy to steal millions of dollars through a variety of fraud schemes and launder the funds through a Los Angeles-based money laundering network.
Popular Instagram celebrity, Hushpuppi was arrested in Dubai. 8 Nigerians were charged with conspiracy to engage in internet scams and money laundering from Cape Town. Another 59 suspects were placed on the Wanted List of the EFCC for various fraudulent activities up to the tune of about ₦435 billion and $397,758,000, etc.
The list includes a former special adviser to the current Ogun governor, who has pleaded guilty to stealing the identities of 20,000 Americans to claim $2 million in disaster relief including $350,000 in COVID benefits.
On a global scale, business losses stemming from cybercrime hit $3 trillion worldwide in 2019.Juniper Research
A goldmine of skillsets
Now, scams are so personalised, that even the most careful or skeptical individual is at risk. It takes the person to be 10% less doubtful.
Social engineering: The internet 419 ecosystem is most likely the best-known example of social engineering. In this context, Kaspersky defines social engineering this way:
…a manipulation technique that exploits human error to gain private information, access, or valuables. In cybercrime, these “human hacking” scams tend to lure unsuspecting users into exposing data, spreading malware infections, or giving access to restricted systems.
Jacob Dorval, global director of the adversary group at SecureWorks says most social engineering attacks begin with a form of phishing—an email, phone call, or even in-person interaction with a seemingly trustworthy source who’s really after your private data.
In simple terms, social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems, or data.
For example, instead of trying to find a software vulnerability, a social engineer might call an employee and pose as an IT support person, trying to trick the employee into divulging his password.
Another example is the 2020 Twitter Bitcoin scam, which proves that all social engineers need is a little open-source intelligence to compromise the accounts of leaders, celebrities, and major brands like former U.S. President Barack Obama, Elon Musk, and Apple.
Social engineers exploit certain universal human qualities: greed, curiosity, politeness, deference to authority, and so on. So, they understand human behaviour to a certain level.
James Bettke, a counter-threat unit researcher at SecureWorks, says, “They’re not very technically sophisticated, they can’t code, they don’t do a lot of automation, but their strengths are social engineering and creating agile scams. They spend months sifting through inboxes. They’re quiet and methodical.”
Also, Mark Nunnikhoven, the vice president of cloud research at TrendMicro, says, “What stands out about this community of criminals is their willingness to learn from each other and a near myopic focus on social engineering scams.”
The twist: Social engineering can yield positive outputs that include networking, collaboration, entertainment that serves up instant gratification, newfound confidence, and possibly a memorable day for all parties involved – Van Ngo.
Knowledge of the internet/software: Besides using VPNs to make their locations anonymous or travel digitally to another country, the internet fraud uses malicious software – malware/ransomware – to get the information they need.
Malware – the use of malicious software to damage or disable users’ devices or steal personal and sensitive data.
Ransomware – a type of malware that prevents users from accessing critical data then demanding payment in the promise of restoring access. Ransomware is typically delivered via phishing attacks.
Usually combined with social engineering, the internet fraud uses popups, greeting cards, and ads to target users of internet platforms.
You could be excited when you see a #HappyMonday popup on an online platform, and later realise that the data on your phone has been compromised and used for sinister motives because you clicked on the popup.
The twist: This Net-savviness means they have the next level or next several levels of Internet/Web skills, which includes knowledge of all the features of applications and software, understanding social media use beyond sending tweets and posting statuses, as well as being extremely aware of potential viruses.
Knowing that internet fraud is becoming a mainstay because unemployment and poverty keep increasing, why can we not reform these people to become indispensable drivers of a digital economy?
How will rehabilitation look like?
Mixing tech and internet fraud is a hard nut to chew. It will not be just one three-month rehabilitation program that will make an internet fraudster develop an interest in Python or even HTML.
But, Tunde Onakoya’s story tells us anything may be possible.
In 2019, the then acting Chairman of the Economic and Financial Crimes Commission (EFCC), Ibrahim Magu, in a paper titled, ‘Strategic change administration and innovation to curb corruption in Nigeria,’ said the agency is planning to rehabilitate young people who are engaged in Internet fraud.
He stated, “so if you carry money from Nigeria and escape to Ghana, we will just call the men in Ghana and say, ‘arrange this man and keep him for me. This is what the Yahoo Yahoo boys like to do. But we are planning to rehabilitate them because they can be useful to us in the future.”
He is looking ahead, we are looking at that now too.
Again, internet fraudsters understand people and methods to spur people into action using basic technology. Combine this quality with their determinative skills to get rich quickly, you have a Product Manager.
If you are looking at a tech-inclined individual, then you will be trying to make internet fraudsters, who spend months sieving through emails, contacts, and addresses, understand that coding may take a shorter time to learn and possibly more money to be made without looking over their shoulders. Add personal pride as a solution provider to the mix. Don’t say people do not like to be called CEO/Founder.
In 2019, the Director of the Velma Foundation, David Ashaolu, at a press conference said plans are underway to rehabilitate more than 20 internet fraudsters, and the plan would be actualised through the Velma Action to Reduce Cybercrimes (VELMA-ARC).
Ashaolu said VELMA-ARC was a social integration programme for the rehabilitation of cybercriminals. According to him, those to be rehabilitated are those who had voluntarily submitted themselves for that.
So, rehabilitation has begun.
Yahoo Yahoo boys are not irredeemable unless we agree that our prison systems in Nigeria do the actual rehabilitation. We see expert Product Testers, Product Managers among these boys. A rehabilitation for entry into tech will require classes that include mind revolution – which is a possibility.
Question: are yahoo yahoo boys ready to be rehabilitated?
That’s if I hit a huge amount of money I’ll stop ✋Emeka, a student, 21
Lateef from Ijebu says, “I’m doing it because that’s the only option right now. and it’s also something I wish to stop when I see a better offer.”
When asked if he has considered going to a possible support system, he says there is none and would rather continue until he gets “something concrete.”
“Yes, I will agree with it,” when asked if he will consider a rehabilitation programme.
For Ifeanyi in Ibadan, an HND holder, the government has to be intentional with providing platforms for rehabilitation and setting them up before they can make definite decisions on stopping internet fraud.
“If the government decides to make me a tech person by teaching me a tech skill and helping me with a start-up am going to leave yahoo and then focus on the tech business in as much as it earns me money to make a living. This yahoo of a thing (sic) it’s really not easy. even we guys that are engaged in yahoo do not find joy in it as someone else needs to lose money before we can gain.”
We need not say more.
Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!