The Network Contagion Research Institute (NCRI) has uncovered a disturbing trend targeting teenagers in Western English-speaking countries. According to their findings, Nigeria-based cybercriminals are increasingly engaging in financial sextortion attacks against young people, particularly on popular social media platforms such as TikTok, Snapchat, Instagram, and Wizz.
This rapidly growing form of crime, which involves adults manipulating minors into sharing sexually suggestive content in order to extort money from them, has become a major concern in the US, Canada, and Australia. In fact, the FBI reported a staggering 1,000% increase in financial sextortion incidents over the past 18 months, prompting government agencies to issue a national Public Safety Alert to address the threat.
In Canada and Australia, law enforcement agencies are also facing a surge in complaints related to financial sextortion incidents, with between 200 and 300 incidents reported per month in each country.
According to the US National Center for Missing & Exploited Children (NCMEC), social media platforms have become the primary avenue for these sextortion schemes. Instagram, Snapchat, and Wizz were identified as the top platforms for these criminal activities, with Instagram being the most common vector for targeting victims. The NCRI report highlighted that nearly all financial sextortion attacks on minors involved the screenshotting of the victim’s Instagram followers/following lists, which were then used as leverage to threaten the sharing of intimate photos.
Snapchat is frequently used by criminals to coerce victims into sending compromising photos, taking advantage of the false sense of security provided by the app’s design features. Meanwhile, Wizz, a dating platform targeting young teenagers, has also become a major platform for these nefarious activities, with multiple reports of minors being coerced into producing sexually explicit material and being blackmailed.
The surge in sextortion activity has been linked to Nigeria-based cybercriminals known as ‘Yahoo Boys.’ These individuals use advanced social engineering tactics to coerce their victims, often targeting high schools, youth sports teams, and universities with fake accounts. While not part of a structured cybercriminal group, ‘Yahoo Boys’ have been known to share their knowledge with each other, including sextortion scripts and instructional videos, on various platforms such as TikTok, YouTube, and Scribd.
Despite the surge in sextortion incidents, little information has been shared about the specific individuals involved, with only three known indictments of these criminals in court records and public reporting to date.
The term ‘Yahoo Boys’ has been used since the early 2000s to refer to financially motivated young Nigerians engaging in phishing scams under the guise of Yahoo.com email addresses. These individuals have shifted their focus in recent years to other forms of fraud, including fake job scams and romance scams. While they do not operate as a unified cybercriminal group, they form a loosely connected subculture and often operate individually or in small groups.
The findings from NCRI highlight the urgent need for greater awareness and action to address the growing threat of financial sextortion targeting teenagers in Western countries and the involvement of Nigeria-based cybercriminals in these criminal activities.