However, with these connections come greater risks, hackers, scams, and other cyber threats that exploit a single careless click.

To mark Cybersecurity Awareness Month, the National Information Technology Development Agency (NITDA) is urging Nigerians to take personal responsibility for protecting themselves and their communities online. The Agency emphasizes that cyber safety begins with individual action and that simple steps can make a significant difference.

Speaking on the importance of this year’s campaign, Mrs. Hadiza Umar, director, Corporate Communications and Media Relations at NITDA, said the Agency is committed to raising national awareness on digital safety.

“Cybersecurity is everyone’s business,” Mrs. Umar stated. “As more Nigerians embrace technology for work, education, and daily living, it is vital that we all adopt safe online habits. A single act of caution, like using strong passwords or verifying a link before clicking, can prevent major data breaches and financial losses. Together, our collective vigilance builds a safer digital nation.”

She noted that this year’s theme, “Cyber Hygiene for a Safer Tomorrow,” underscores the shared responsibility required to build a secure digital future. By protecting themselves, individuals also safeguard their families, workplaces, and the wider online community.

NITDA recommends that Nigerians adopt the following cyber hygiene practices to strengthen their digital safety:

• Use strong and unique passwords for all online accounts.
• Enable two-factor authentication to add an extra layer of protection.
• Keep devices and applications updated regularly.
• Back up important data frequently.
• Avoid suspicious links or attachments from unknown sources.
• Think carefully before sharing personal or financial information online.

Mrs. Umar reiterated NITDA’s commitment to building a secure and digitally resilient Nigeria through continuous education, stakeholder collaboration, and responsive policy implementation.

“As we continue to strengthen Nigeria’s digital ecosystem, we call on all citizens to stay alert, click wisely, and stay safe online,” she added.

• The rising popularity of cryptocurrency has attracted a surge of scammers preying on both new and experienced investors.
• Common scams include fake exchanges, phishing emails, Ponzi schemes, impersonation fraud, and malware attacks, leading to significant financial losses.
• Online security expert Richard D. advises using reputable exchanges, enabling VPN protection, and staying vigilant to navigate the crypto market safely.

Cryptocurrency has never been more popular. Bitcoin continues to hit record highs, and even public figures like Donald and Melania Trump are launching their own coins. 

With millions joining the crypto frenzy, scammers are seizing the opportunity to exploit the uninformed. “Scammers thrive on hype,” says Richard D, an online security expert at VPN Pro. “The more people rush into crypto, the easier it is for bad actors to exploit their lack of knowledge.”

From fake exchanges to phishing schemes, here are some of the most common crypto scams and how to avoid them.

8 Common Crypto Scams and How to Avoid Them

1. Fake Cryptocurrency Exchanges

Scammers create convincing replicas of legitimate crypto platforms, luring users to deposit funds that become impossible to withdraw. These fake exchanges are usually promoted through phishing links and social media ads, making them seem authentic.

How to Stay Safe:

Verify exchanges through independent reviews.

Ensure the platform is registered with relevant regulatory authorities.

Stick to reputable exchanges like Coinbase, Binance, or Kraken.

2. Phishing Emails

Fraudsters send emails that mimic official crypto platforms, tricking users into clicking malicious links or sharing private keys. These emails often contain urgent warnings to pressure victims into taking action.

How to Stay Safe:

Double-check email senders and website URLs.

Never click on unsolicited links.

Remember, legitimate platforms will never ask for private keys via email.

3. Ponzi Schemes

These scams promise guaranteed high returns by using funds from new investors to pay earlier participants. They rely on testimonials, influencers, and hype to attract victims before ultimately collapsing.

How to Stay Safe:

Be sceptical of investments that promise high, consistent returns.

Research thoroughly and avoid schemes that depend on recruitment.

4. Fake Initial Coin Offerings (ICOs)

Scammers create elaborate websites, whitepapers, and marketing campaigns to promote non-existent blockchain projects. They collect funds from investors before vanishing.

How to Stay Safe:

Research the project’s team, partnerships, and technology.

Look for verified information on trusted blockchain platforms.

5. Pump-and-Dump Schemes

Scammers buy large amounts of a low-cost cryptocurrency, artificially inflate its value through hype, then sell off their holdings, leaving other investors with worthless coins.

How to Stay Safe:

Avoid investments driven by social media hype.

Focus on cryptocurrencies with transparent teams and real-world use cases.

6. Impersonation Scams

Fraudsters create fake profiles of celebrities, influencers, or crypto companies, promoting fake giveaways or investment opportunities. Victims send funds, only for the scammer to disappear.

How to Stay Safe:

Verify accounts with blue checkmarks.

Remember, legitimate figures never ask for upfront payments for giveaways.

7. Social Media Scams

Scammers use fake accounts or groups on platforms like Twitter, Facebook, and Telegram to promote fraudulent token giveaways, phishing links, and fake ICOs.

How to Stay Safe:

Always verify the authenticity of social media accounts.

Never share wallet details, private keys, or sensitive information.

8. Malware Attacks

Some malware can infiltrate devices via fake crypto apps, phishing links, or malicious downloads. Hackers use these tactics to steal private keys or redirect transactions to their own wallets.

How to Stay Safe:

Keep antivirus software updated.

Download apps only from trusted sources.

Double-check wallet addresses before confirming transactions.

Why a VPN is Essential for Crypto Security

Beyond avoiding scams, protecting online activity is neccessary for crypto users.

A VPN (Virtual Private Network) creates a secure, encrypted connection, hiding users’ IP addresses and safeguarding their online transactions. Public Wi-Fi networks are especially risky, as hackers can intercept data—but a VPN protects against these threats.

Some VPNs, like VPN Pro, offer malware blocking, ad blocking, and phishing protection, providing an extra layer of security against crypto-related scams.

“The rapid rise of cryptocurrency has transformed the way we think about money, but it has also opened the door to unprecedented levels of online fraud,” says Richard D.

“Staying ahead of these threats requires a proactive mindset. Educate yourself about the risks before entering the crypto market. Use trusted sources to research platforms, and never rush into an investment based on pressure or promises of quick returns. 

“Secure your online presence by avoiding public Wi-Fi when accessing trading accounts, or better yet, use a VPN to safeguard your activity. By staying informed and cautious, you can navigate the crypto space confidently and minimize your risk of falling victim to scams.”

The crypto market brings incredible opportunities but also huge risks. Scammers prey on fear, urgency, and misinformation—so staying informed is the best defense. 

In using reputable exchanges, verifying sources, and securing your online presence with tools like VPN Pro, you can trade safely and protect your investments.

A recent study found that nearly 60% of all online fraud cases in 2024 involved AI-powered scams, a number that hasn’t stopped growing as scams become more sophisticated. 

AI’s ability to mimic voices, faces, and even videos is making scams more personal and harder to detect.

Experts from Psono.com have warned about how scammers are now using AI to launch highly convincing attacks, including voice cloning and phishing emails. These advancements are creating added risks to personal data and financial security.

Let’s explore the various types of AI-powered scams plus ways to protect yourself from falling victim.

1. AI-Powered Scams: The Rise of Deepfakes

AI is now being used to create deepfakes, which can impersonate voices, faces, and even video footage of family members, friends, or colleagues. Through harvesting data from social media profiles, scammers can generate realistic recordings or videos that ask for money or sensitive information. 

This new level of impersonation makes it alarmingly difficult to distinguish genuine requests from fraudulent ones.

What to Do: If you receive an unexpected request from someone you know, always ask them questions that only the real person could answer. A vague or incorrect response is a red flag. Be cautious and verify before acting.

2. Gift Card Scams: Targeting Your Shopping Habits

During peak shopping seasons, scammers use AI to analyse online shopping patterns and target victims with gift card scams. They may impersonate a loved one or a store, asking for gift cards to resolve an emergency or issue. Once the gift card codes are shared, they are quickly redeemed, resulting in financial loss for the victim.

What to Do: Never share gift card information with anyone, especially if the request is unexpected or urgent. Always contact the person or company directly through verified channels to confirm the request before taking any action.

3. Vishing: The Telephone Scam

Vishing, or voice phishing, involves fraudsters impersonating trusted institutions, such as banks or government agencies, over the phone. They create a sense of urgency, claiming suspicious activity on your account, and pressure you into providing sensitive information.

What to Do: Legitimate organizations will never ask for sensitive information over the phone. If you receive such a call, hang up immediately and contact the institution directly using a verified number.

4. Smishing: The Phishing Text

Smishing scams are delivered through text messages, often posing as account updates or delivery alerts. The goal is to trick the recipient into providing personal credentials or downloading malicious software.

What to Do: Always check the sender’s number. If it doesn’t match the official organisation, it’s likely a scam. Don’t click on any links in unsolicited messages and verify the content with the company before acting.

5. Clone Phishing: Malicious Copies of Real Emails

Clone phishing occurs when scammers replicate legitimate emails, such as receipts or notifications, and replace the links or attachments with malicious ones. The familiarity of the original email makes the fraudulent one harder to spot.

What to Do: Always check the sender’s email address carefully. Hover over any links to see where they lead and, if in doubt, contact the sender directly via official communication channels.

6. Social Media Phishing: Fraud on Social Networks

Phishing on social media involves hackers using fake or compromised profiles to send messages that appear to come from trusted contacts. These messages may offer giveaways or ask for urgent action, often aiming to steal login credentials or other personal details.

What to Do: Never click on links sent through unsolicited messages. Double-check any request through official channels, and be cautious of login pages that look suspicious.

7. Man-in-the-Middle Attacks: Public Wi-Fi Hazards

Hackers can intercept data sent over unsecured public Wi-Fi networks, such as in cafes or airports, to steal passwords or banking information. These attacks are often unnoticed by the user but can have devastating effects.

What to Do: Avoid accessing sensitive accounts over public Wi-Fi. Use a Virtual Private Network (VPN) for added security, and ensure websites are encrypted by looking for “https://” in the URL before entering any personal information.

8. Ransomware: A Growing Threat

Ransomware attacks encrypt files or lock devices and demand payment to restore access. These attacks often begin with phishing emails or malicious downloads and can be financially ruinous.

What to Do: Regularly back up important files to an offline location and avoid downloading suspicious attachments. If attacked, report the incident to the authorities and seek professional assistance to mitigate the damage.

9. DNS Spoofing: Fake Websites Designed to Deceive

DNS spoofing involves redirecting users to fake websites that closely resemble legitimate ones. These fake sites are designed to steal login credentials or credit card information from unsuspecting visitors.

What to Do: Always double-check website addresses before entering any sensitive information. Look for “https://” in the URL, and consider using tools that protect against DNS attacks.

10. Fake Job Offers: The Scam Job Posting

Scammers often post fake job offers that promise high pay or flexible work arrangements, asking for payment or personal information upfront. These scams typically target those looking for remote work or those seeking employment during economic downturns.

What to Do: Before providing personal details or making payments, ensure the job offer is legitimate. Research the company thoroughly and contact them directly through verified channels to confirm the offer’s authenticity.

Sascha Pfeiffer, CEO of Psono, commented on the growing threat of AI in cybercrime, saying, “AI is changing how scammers operate, making their attacks more personal and harder to spot. They use tools to mimic voices, create fake videos, or send messages that seem to come from trusted contacts. It’s now easier than ever to fall for a scam, whether it’s a text from a friend asking for help or a gift card offer from a favourite store. Staying alert is important, as these scams can lead to serious financial losses. Under no condition should you share very personal data, such as passport details or credit card CVV, via email, phone, or any other method that can be easily accessed by hackers.”

Pfeiffer further advised, “If you hear the voice of a close person asking for help, take extra precautions to verify their identity by asking specific questions or details only they would know, ensuring you’re speaking to the real person.”

Stay Vigilant to Protect Yourself

AI is evolving and so are the tactics used by cybercriminals. Scams are becoming more realistic, personalised, and harder to detect. However, staying vigilant and adopting simple security practices will help individuals protect their personal information and avoid falling victim to these sophisticated attacks. 

Always verify requests, question any unusual behaviour, and remember that your data is valuable—take steps to keep it safe.

With universities becoming more concerned about their networks’ cybersecurity, attackers find ways to breach these systems by targeting inattentive students, staff and professors.

Kaspersky experts highlight intensified phishing campaigns with fraudsters exploiting the names of some of the worlds’ biggest universities.

University-specific phishing pages are usually well-crafted and mimic official university webpages or online learning management systems.

Once users visit false pages, they are duped into sharing personal information like account credentials, IP addresses or location data.

The importance of universities’ corporate account safety is often underrated when referring to organisations’ data protection.

Famous educational institution names, some with critical research centers operating in various fields from political economy to nuclear physics, are used as a lure to distribute phishing pages.  

And with governments and large corporations often purchasing research studies from these universities, it makes the sensitive data they possess extremely valuable for attackers.

By accessing students’ or employees’ accounts, the attacker may access personal information of their victims but also their educational plans, payment information and timetable of classes. This carries the risks of online threats transitioning to real life stalking and abuse.

“Education becoming more digitalised is a beneficial shift. Not only do learning management systems allow students to maximise their academic progress in the most efficient way, but also more people across the world get a chance to learn from the best professors at the biggest universities. This also widens the spectrum of threats student face. Scammers are luring students to give away their personal credentials to access data containing not only unique expertise but also private and potentially compromising information,” comments Olga Svistunova, security expert at Kaspersky.

Kaspersky recommends the following measures to safeguard systems and young people against education fraud:

• Check before clicking: It’s always advisable to hover over the link to preview the URL,and look for misspellings or other irregularities. 
• Introduce some form of two-factor authentication for information systems, especially web-based ones, and particularly for access to student records, grades and assessments. Set strong and appropriate access controls, so that it is not easy for a hacker to move laterally through the system.
• On campus, have two separate and secure wireless networks, one for staff and one for students, and if possible, a third for visitors.
• Introduce and enforce a robust staff password policy and encourage everyone to keep their access credentials confidential at all times. Never use the same password for several websites or services, because if one is stolen, all your accounts are under risk. To create strong hack proof passwords without having to face the struggle of remembering them, use password managers, such as Kaspersky Password Manager. It’s available for purchasing on its own, but it’s also included as part of Kaspersky Total Security. To celebrate the beginning of the school year, users purchasing consumer solutions will get a discount of up to 30%. The special offer is running in Nigeria till September 12^th.
• Use a reliable security solution for comprehensive protection from a wide range of threats, such as Kaspersky Endpoint Security for Business.