Scam alert! Hacktivist group Anonymous not giving Nigerians N2 million each during #EndSARS protests
“Hurry Up and Get N2.000,000 Naira Alert for free https://bit.ly/get-free-2million-endsars,” it reads.
The link leads to a webpage with the address nigeria.anonymoushack.xyz. (Note: the website appears to have been taken down.) This listed 12 Nigerian banks with the instruction “select your bank” as the first step in the process.
Selecting a bank led to another webpage where you were asked to choose your account type. On the next page you were then told to choose the amount you wanted – N20,000, N200,000 or N2 million.
No matter which amount you chose, you were then taken to a page with the message: “Congratulations you have won a Free #2,000,000 #EndSARS.”
You were then given certain steps to follow to claim the money, including sharing the message “with 20 friends/group through WhatsApp”.
But this is a scam, and there’s no evidence it is linked to Anonymous.
Anonymous and #EndSARS protests
Anonymous is known to be a decentralised group of international activist hackers linked to numerous high-profile hacking incidents. It has been tweeting its support for the #EndSARS protests.
The group has been credited with the reported hacking of multiple Nigerian government websites and the Twitter account of the country’s National Broadcasting Commission.
But the Central Bank of Nigeria, First Bank and DSTV, whose websites were reportedly hacked also by Anonymous, have all denied that their sites have been compromised, as have a few other banks.
And Anonymous has not promised to give Nigerians money. Instead, it warned people against publicly disclosing their bank accounts.
On 19 October the Anonymous Twitter account @YourAnonCentral tweeted: “We've noticed many of you in... Nigeria... are publicly sharing your bank account details across social media. For your own financial safety, we highly advise against such actions. Especially if you are openly sharing such details with alleged hackers.”
We've noticed many of you in... Nigeria... are publicly sharing your bank account details across social media. For your own financial safety, we highly advise against such actions. Especially if you are openly sharing such details with alleged hackers.
— Anonymous (@YourAnonCentral) October 19, 2020
Two days later it tweeted again: “Anonymous warns Nigerians against public disclosure of bank accounts over security reasons. Also insisted that Nigerians focus on getting justice in the #EndSARS campaign against police brutality instead of asking for money.”
Anonymous warns Nigerians against public disclosure of bank accounts over security reasons. Also insisted that Nigerians focus on getting justice in the #EndSARS campaign against police brutality instead of asking for money. https://t.co/J9D92S3Vwk
— Anonymous (@YourAnonCentral) October 21, 2020
Website not secure
Google Chrome identified the website as “not secure”, with a warning: “Your connection to this site is not secure. You should not enter any sensitive information on this site (for example passwords or credits cards), because it could be stolen by attackers.”
Users who respond to scam messages such as this risk becoming victims of cyberattacks such malware or ransomware, Boniface Alese, a professor of information and cybersecurity at the Federal University of Technology Akure in southwest Nigeria, told Africa Check.
“In the case of malware, the senders can infect your system with a virus that can disrupt it and have access to your passwords and records. They can use your apps, such as bank apps, etc. But in the case of ransomware, they can block you from accessing your computer until you pay them,” Alese said.
He warned if a message looked too good to be true or sounded urgent, users should not click. Check with official sources instead.
“Be careful with emails from people you do not know. Don’t click on any link in it if you can’t verify the source. Don’t joke with updates. Do software and system updates as soon as they become available. One trending type of cyberattack is that your online identity can be stolen and used to commit cybercrime.”