The Nigeria Police Force has announced the arrest of a suspect, Okitipi Samuel, over his alleged involvement in a cyberattack on the database of multinational technology company, Microsoft.
The Force Public Relations Officer,CSP Benjamin Hundeyin, disclosed this on Thursday, December 18, 2025 in Abuja while briefing journalists on the outcome of investigations carried out by the National Cybercrime Centre of the Nigeria Police Force, Punch reported.
According to Hundeyin, the centre, under the leadership of its Director, Commissioner of Police Ifeanyi Uche, commenced investigations in collaboration with Microsoft, the Federal Bureau of Investigation, the United States Secret Service, and the United Kingdom’s National Crime Agency.
Investigations revealed that a phishing toolkit known as “Raccoon 0365” was used to create fake Microsoft login portals to harvest user credentials and unlawfully access email accounts belonging to corporate organisations, financial institutions, and educational institutions in several countries
“This investigation commenced following credible intelligence received from Microsoft USA through the FBI, indicating that a malicious phishing toolkit known as Raccoon0365 was being used to create fake Microsoft login portals, harvest user credentials, and unlawfully access the email accounts of corporate organisations, financial institutions, and educational establishments,” Hundeyin said.
He added that between January and September 2025, several reports of unauthorised access to Microsoft 365 accounts were traced to phishing emails designed to mimic legitimate Microsoft login pages, enabling business email compromise, internal phishing, data breaches, and other cyber-enabled fraud.
Hundeyin said digital forensic analysis and cryptocurrency tracing identified wallets connected to the illegal operation
He noted that operatives were deployed to Lagos and Edo states, leading to the arrest of three suspects identified as Joshua, James, and Okitipi Samuel between September 20 and October 4, 2025.
“Following extensive digital forensic and technical intelligence analysis, the centre conducted cryptocurrency tracing that identified suspicious wallets connected to cash-out schemes. Acting on actionable intelligence, operational teams were deployed to Lagos and Edo states, resulting in the arrest of Joshua, James, and Okitipi Samuel. Searches at their residences led to the recovery of mobile devices, laptops, and other digital exhibits linked to the fraudulent scheme,” he said.
Hundeyin identified Okitipi Samuel, also known as “0365”, and Moses Felix as the principal suspect and developer of the phishing infrastructure.
“The primary suspect, Okitipi Samuel, also known as Moses Felix, has been identified as the developer and operator of the phishing infrastructure. Investigations revealed that he managed a Telegram channel used to sell phishing links in exchange for cryptocurrency and hosted fake login pages on Cloudflare using stolen or fraudulently obtained email addresses,” he said.
He said the suspect would be prosecuted in Nigeria, noting that the country has the capacity to enforce its cybercrime laws, although extradition could be considered if formally requested through due process.
Hundeyin assured Nigerians that the police, under the leadership of the Inspector-General of Police, Kayode Egbetokun, would continue to protect the country’s digital ecosystem and urged citizens to practise good cyber hygiene by being cautious when clicking links and sharing personal information online.
Speaking separately, the Director of the National Cybercrime Centre, CP Ifeanyi Uche, urged Nigerians to exercise caution online.
Uche advised members of the public to avoid clicking on links from unknown or unexpected sources, noting that such links often contain malware or phishing tools designed to compromise devices and personal data.
He warned that indiscriminate clicking of links or responding to unsolicited emails could lead to unauthorised access to personal and corporate accounts, urging citizens to “wash their cyber hands” by verifying sources before taking action online.
