The Nigeria Police Force has arrested suspected cybercriminals linked to coordinated cyberattacks targeting Microsoft 365 email systems used by major corporate organisations across multiple jurisdictions.
The arrests were carried out by operatives of the Nigeria Police Force National Cybercrime Centre (NPF–NCCC) following credible intelligence received from Microsoft Corporation in the United States, through the Federal Bureau of Investigation (FBI). The intelligence uncovered the deployment of a sophisticated phishing toolkit known as RaccoonO365, designed to create fake Microsoft login portals to harvest user credentials and gain unauthorised access to corporate email platforms.
Police investigations revealed that the cybercriminals used phishing emails crafted to closely resemble legitimate Microsoft authentication pages, enabling them to compromise email accounts belonging to corporate, financial and educational institutions. The attacks, which occurred between January and September 2025, resulted in business email compromise, data breaches and financial losses in several countries.
Acting on actionable intelligence, the NPF–NCCC launched a coordinated, intelligence-driven operation in collaboration with Microsoft, the FBI and the United States Secret Service. The operation led to the deployment of operatives to Lagos and Edo states, where three suspects were arrested.
Searches conducted at the suspects’ residences led to the recovery of laptops, mobile phones and other digital devices. Forensic analysis of the recovered items reportedly linked them to the fraudulent cyber scheme.
Further investigations identified one Okitipi Samuel, also known by the aliases “RaccoonO365” and “Moses Felix,” as the principal suspect and alleged developer of the phishing infrastructure. Police said he operated a Telegram channel through which phishing links were sold in exchange for cryptocurrency, while fraudulent Microsoft login portals were hosted on Cloudflare using stolen or fraudulently obtained email credentials.
However, investigators disclosed that there is currently no evidence linking the two other arrested suspects to the development or operation of the phishing toolkit.
The Nigeria Police Force reiterated its commitment to protecting Nigeria’s digital ecosystem, stressing that it will continue to leverage advanced technology, international cooperation and diligent investigative and prosecutorial processes to combat emerging cyber threats.
The statement was issued by the Force Public Relations Officer, CSP Benjamin Hundeyin, at the Force Headquarters in Abuja.
About The Author
