LAGOS — Nigerian banks lost a staggering ₦52.3 billion to various forms of digital fraud in 2024, marking a more than 350 percent increase from ₦11.6 billion recorded in 2020, despite a significant drop in the number of reported incidents.

Data obtained from the Nigeria Inter-Bank Settlement System (NIBSS) and the Financial Institutions Training Centre (FITC) indicates that while reported fraud cases declined by 31 percent over the four-year period, cybercriminals are now conducting fewer but more sophisticated and financially damaging attacks.

Industry experts say the spike in financial losses reflects a shift in fraudsters’ tactics—from mass, indiscriminate attempts to targeted exploits that prey on digital banking users’ negligence, including poor password habits, lack of vigilance, and failure to observe basic online safety measures.

Customers the Weakest Link

Security specialists and banking professionals say customers remain the most vulnerable aspect of the digital financial system, often inadvertently aiding fraudsters through social engineering schemes, phishing emails, and SIM swap attacks.

“People still fall for phone calls and messages claiming to be from their banks,” said Arlene Carter, a digital safety advocate. “Many victims willingly disclose one-time passwords (OTPs), card PINs, or CVV codes simply because someone claimed to be from the bank.”

Carter advised customers to avoid giving out sensitive banking details under any circumstances. “If someone calls you asking for your password or OTP, hang up and call your bank directly. Your bank will never ask for details they already have,” she said.

She further recommended using mobile app features such as temporary card disabling, setting transaction limits, and enabling biometric authentication to reduce exposure to fraud.

SIM Swap Fraud on the Rise

One of the most alarming trends is SIM swap fraud, in which fraudsters manipulate telecom providers to issue a new SIM card linked to a victim’s number. Once successful, they can receive OTPs and gain full access to the victim’s bank accounts.

“If your phone suddenly loses network service or you receive a message that your SIM has been deactivated, that could be the beginning of a SIM swap attack,” warned Fahad Salim, a commercial banker. “In such cases, it is crucial to immediately alert both your bank and network provider.”

Banks Strengthening Systems, But User Habits Lag

Banks have invested heavily in advanced digital security systems—including two-factor authentication, artificial intelligence for behavioural monitoring, and fraud detection engines—but experts say these efforts can be easily undermined by poor customer digital practices.

“Most breaches we investigate can be traced back to the customer,” said Jens Hartmann, Head of Learning and Development at Barrett Consulting Group. “People write down their PINs, share their cards with others, or click on fake links. All of this puts their funds at risk.”

Hartmann also highlighted the dangers of using outdated banking methods, such as paper cheques or unsecured public computers for internet banking. He urged customers to consult with their banks about available security features, such as dynamic transaction PINs and card usage controls.

Advice for Safe Digital Banking

Rama Krishna, a cybersecurity advocate and business executive, advised customers to use only trusted apps, avoid storing sensitive information on their devices, and never use shared or public devices for financial transactions.

He also encouraged those with significant savings to keep a portion in fixed deposit accounts, which are generally harder for cybercriminals to access.

“Most fraud happens because people are too trusting or too careless,” Krishna said. “You must assume every unknown caller or message is a potential scam unless proven otherwise.”

A Shared Responsibility

While banks have an obligation to protect customer funds, experts stress that digital safety ultimately starts with the individual.

“Banks now offer SMS alerts and app notifications—use them,” said Salim. “If you see anything suspicious, report it immediately. Timely action can make all the difference.”

The consensus among professionals is clear: as digital banking fraud becomes more targeted and technologically advanced, customer awareness and proactive security practices are just as critical as the technical safeguards put in place by financial institutions.

Key Safety Tips:

• Never share OTPs, PINs, or CVVs.
• Use only official banking apps.
• Set transaction limits and alerts.
• Avoid public Wi-Fi for banking.
• Enable fingerprint or facial ID if supported.
• Immediately report network loss or unauthorised activity.

With Nigeria’s digital economy continuing to expand, experts warn that digital banking fraud will remain a significant threat unless both banks and customers treat cybersecurity as a shared, non-negotiable priority.