---
title: "Cybercriminals Target X, Nigeria Fights Cyberattacks, Threat Actors Attack | DMARC Report"
description: "Cybercriminals Target X, Nigeria Fights Cyberattacks, Threat Actors Attack from DMARC Report explains practical steps for email authentication, domain."
image: "https://dmarcreport.com/og/blog/cybercriminals-target-x-nigeria-fights-cyberattacks-threat-actors-attack.png"
canonical: "https://dmarcreport.com/blog/cybercriminals-target-x-nigeria-fights-cyberattacks-threat-actors-attack/"
---
Quick Answer
\_According to the FBI's 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report Cybercriminals Target X, Nigeria Fights Cyberattacks, Threat Actors Attack
Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/)
Share
[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fcybercriminals-target-x-nigeria-fights-cyberattacks-threat-actors-attack%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybercriminals%20Target%20X%2C%20Nigeria%20Fights%20Cyberattacks%2C%20Threat%20Actors%20Attack&url=undefined%2Fblog%2Fcybercriminals-target-x-nigeria-fights-cyberattacks-threat-actors-attack%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fcybercriminals-target-x-nigeria-fights-cyberattacks-threat-actors-attack%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fcybercriminals-target-x-nigeria-fights-cyberattacks-threat-actors-attack%2F&title=Cybercriminals%20Target%20X%2C%20Nigeria%20Fights%20Cyberattacks%2C%20Threat%20Actors%20Attack "Share on Reddit") [ ](mailto:?subject=Cybercriminals%20Target%20X%2C%20Nigeria%20Fights%20Cyberattacks%2C%20Threat%20Actors%20Attack&body=Check out this article: undefined%2Fblog%2Fcybercriminals-target-x-nigeria-fights-cyberattacks-threat-actors-attack%2F "Share via Email")
> From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly.
\_According to the [FBI’s 2022 Internet Crime Report (IC3)](https://www.ic3.gov/Media/PDF/AnnualReport/2022IC3Report.pdf), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report
Cybercriminals Target X, Nigeria Fights Cyberattacks, Threat Actors Attack
```
```
/
```
```
RSS Feed
```
Share
Link
Embed
```
/\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-21129” readonly/>
```
```
A fresh new month, a brand new starting. Yes, it is the month of February, and some of you are aiming to crush your Q1 2025 goals, while others are getting a bit tired of the 2025 New Year resolution rush. Businesses, brands, and e-commerce platforms are running lucrative offers to lure consumers into splurging their \*\*hard-earned money on retail therapy.
_Unfortunately, threat actors are lurking around, waiting for that one careless click or that ignorant download you make, which will help them invade your system_. So, businesses and individuals, be highly cautious of all those \*\*emails and messages that you receive. Know that only your knowledge and caution can save you from those [malicious cyberattacks](https://www.theguardian.com/technology/2024/mar/25/us-sanctions-chinese-hackers).
It’s the first bulletin of the month, and this week, we are going to talk about the recent attacks on the **high-profile X accounts**. We will also focus on how Nigeria is standing tall and strong amidst the increasing cybercrime attacks across Africa. Lastly, we will try to understand why certain [cybercriminals](https://www.voanews.com/a/alleged-leader-of-cybercriminals-extradited-to-us/7741605.html) are targeting the Microsoft ADFS.
Let’s not wait anymore!
## Cybercriminals targeting high-profile X accounts for committing crypto fraud!
There’s a one-click [phishing campaign](https://thehackernews.com/2024/04/massive-phishing-campaign-strikes-latin.html) doing the rounds on **X (formerly Twitter**). Threat actors are targeting high-profile X users such as political figures, renowned journalists, and X employees. The core idea is to hijack their profiles and then carry out [cryptocurrency fraud](https://en.cryptonomist.ch/2025/02/06/empiresx-the-founders-fined-by-the-cftc-for-130-million-dollars-for-crypto-fraud/). [Sentinel Labs](https://www.sentinelone.com/labs/phishing-on-x-high-profile-account-targeting-campaign-returns/) uncovered this ongoing threat attack that is dominant on X.
However, they believe that the threat campaign can also be spread across other social media platforms . The cybercriminals basically want to leverage the reach of all these big accounts. [Scammers hack](https://www.carscoops.com/2021/11/scammers-hack-mazda-usas-official-instagram-page-on-thanksgiving/) into these \*\*high-impact accounts so that they can easily target naive people with crypto scams to make some quick and easy money.
_The moment a hacker gains access to any of these high-profile accounts, they lock out the legitimate user and start posting fraudulent and misguiding cryptocurrency opportunities_. They can even share external links to [malicious websites](https://techcrunch.com/2022/11/03/hundreds-news-websites-malware/). These websites are designed with crypto-theft-related themes to attract additional targets. The main reason behind targeting high impact profiles on X is to reach out to a wider audience base as well as **maximize their financial gain**.
Threat actors are using different types of [phishing lures](https://www.bleepingcomputer.com/news/security/new-atlascross-hackers-use-american-red-cross-as-phishing-lure/), such as the ‘**account login**’ notice through emails, to make users believe that someone has logged into their X account from an unfamiliar device. A [malicious link](https://www.computerweekly.com/news/366544395/Malicious-URL-volumes-soar-as-cyber-criminals-pull-on-Threads) is also shared, clicking upon which scammers will gain access to your X credentials.
Similarly, [copyright-violation emails](https://www.scworld.com/news/malware-operators-use-copyright-notices-to-lure-in-businesses) are also sent out to create a sense of panic among the users, whereby the users are asked to share their credentials.
## Nigeria stands tall against cyberattacks!
Africa is currently grappling with [increasing cases](https://global.ptsecurity.com/analytics/cybersecurity-threatscape-for-african-countries-q1-2023-q3-2024#:~:text=According%20to%20Check%20Point%2C%20the,the%20same%20period%20last%20year.) of cyberattacks. However, Nigeria has decided to combat cybercriminals more strictly. In the past year, Nigerian authorities have arrested over 1000 threat actors who were involved in cyber frauds and scams. EFCC, or the \*\*Economic and Financial Crimes Commission in Nigeria, has prosecuted around 42 foreign nationals who had allegedly carried out romance and cryptocurrency frauds. _Nigerian authorities had also carried out a massive raid to bust a cybercrime syndicate of around 800 people_.
Nigeria is standing tall against the [threat actors](https://www.malwarebytes.com/blog/news/2024/07/threat-actor-impersonates-google-via-fake-ad-for-authenticator) at a time when the entire \*\*African continent is experiencing over [3200](https://www.darkreading.com/cyber-risk/nigeria-touts-cyber-success-african-cybercrime-rises) attacks every week. Ethiopia tops the chart as the riskiest country in Africa for cybercrime, while Nigeria comes at number 19 .
Experts believe that Africa is highly prone to cyberattacks as compared to other countries. The reason beyond this is \*\*rapid digitization and lack of skilled workforce. As of now, there are only [20,000](https://www.darkreading.com/cyber-risk/nigeria-touts-cyber-success-african-cybercrime-rises) qualified [cybersecurity](https://dmarcreport.com/blog/how-to-educate-or-train-employees-on-cybersecurity/) engineers across the continent. _Experts have also witnessed a special trend in which some of the threat actors prefer testing their new malicious tactics in African countries first before attacking other nations_.
## Threat actors attack Microsoft Active Directory Federation Services
\*\*Experts at Abnormal Security have recently found out that a sophisticated campaign is being run to exploit Microsoft’s ADFS in order to break into the [multifactor authentication](https://www.geeksforgeeks.org/multifactor-authentication/) system and gain access to Microsoft user accounts. _Currently, the threat actors are focusing on 150 organizations_. The majority of these are educational establishments that depend primarily on ADFS for authentication processes across different cloud-based and on-premise systems .
Threat actors continue to target Microsoft Active Directory Federation Services (ADFS), making it crucial for organizations to **implement strong cybersecurity measures**, including email authentication protocols like [DMARC](https://dmarcreport.com/), [SPF](https://dmarcreport.com/what-is-spf/), and [DKIM](https://dmarcreport.com/what-is-dkim/), to mitigate phishing and spoofing attacks.
The high-end campaign leverages [spoofed emails](https://www.pcmag.com/news/nsa-warns-of-north-korean-hackers-spoofing-emails-from-legit-domains), which direct naive users to malicious [Microsoft ADFS log-in pages](https://hackread.com/hackers-fake-microsoft-adfs-login-pages-steal-credentials/). The moment a victim enters their credentials and shares the [MFA code](https://www.csoonline.com/article/3622369/microsoft-secretly-stopped-actors-from-snooping-on-your-mfa-codes.html), threat actors get easy access to that particular account. Potential targets of this sophisticated campaign get [fake emails](https://www.usatoday.com/story/money/columnist/2023/09/21/ai-cyber-scams-security/70920106007/) that appear to be coming from **Microsoft’s IT help desk**. _The emails often carry a sense of urgency and compel the users to have a look at something that requires their immediate attention_.
## Topics
[ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ News ](/tags/news/)[ SPF ](/tags/spf/)
[ Vasile Diaconu ](/authors/vasile-diaconu/)
Operations Lead
Operations Lead at DuoCircle. Runs project management, developer coordination, and technical support execution for DMARC Report.
[LinkedIn Profile →](https://www.linkedin.com/in/vasile-diaconu/)
## Take control of your DMARC reports
Turn raw XML into actionable dashboards. Start free - no credit card required.
[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/)
## Related Articles
[ Foundational 4m Adidas Data Breach, Whatsapp Image Threat, Silent Ransom Vishing May 29, 2025 ](/blog/adidas-data-breach-whatsapp-image-threat-silent-ransom-vishing/)[ Foundational 4m Africa Fights Cybercrime, Attention Farmers Customers, Apple Prevents Threats Aug 28, 2025 ](/blog/africa-fights-cybercrime-attention-farmers-customers-apple-prevents-threats/)[ Foundational 4m AI Scam Alert, Federal Cuts Vulnerability, American Tire Cyberattack Sep 9, 2025 ](/blog/ai-scam-alert-federal-cuts-vulnerability-american-tire-cyberattack/)[ Foundational 4m Akira flaunts victims, Idaho targets orthodontist, AI granny protects Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)
```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```
```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```
```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybercriminals Target X, Nigeria Fights Cyberattacks, Threat Actors Attack","description":"Cybercriminals Target X, Nigeria Fights Cyberattacks, Threat Actors Attack from DMARC Report explains practical steps for email authentication, domain.","url":"https://dmarcreport.com/blog/cybercriminals-target-x-nigeria-fights-cyberattacks-threat-actors-attack/","datePublished":"2025-02-07T08:04:26.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2025-02-07T08:04:26.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/vasile-diaconu/#person","name":"Vasile Diaconu","url":"https://dmarcreport.com/authors/vasile-diaconu/","jobTitle":"Operations Lead","description":"Vasile Diaconu is the Operations Lead at DuoCircle, the company behind DMARC Report and AutoSPF. He coordinates between engineering, product, and technical support - running project management, interfacing with developers on customer-reported issues, and making sure work that comes in through the support channel actually gets closed out. Vasile sits at the intersection of customer feedback and engineering execution, giving him a direct view of which email authentication problems customers hit most often in production.","image":"https://media.mailhop.org/dmarcreport/images/team/vasile-diaconu.jpg","knowsAbout":["SaaS Operations","Technical Support Coordination","Customer Issue Resolution","Engineering Program Management","Deployment Operations"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/vasile-diaconu/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/cybercriminals-target-x-nigeria-fights-cyberattacks-threat-actors-attack/"},"articleSection":"foundational","keywords":"dkim, DMARC, News, SPF","wordCount":1135,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Cybercriminals Target X, Nigeria Fights Cyberattacks, Threat Actors Attack","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```
```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Cybercriminals Target X, Nigeria Fights Cyberattacks, Threat Actors Attack","item":"https://dmarcreport.com/blog/cybercriminals-target-x-nigeria-fights-cyberattacks-threat-actors-attack/"}]}
```