The National Information Technology Development Agency has warned Nigerians about a dangerous banking malware that targets users worldwide through complex phishing schemes.

The warning was issued by NITDA’s Computer Emergency Readiness and Response Team on Monday via social media. The agency described the new version of Grandoreiro as a serious threat that uses sophisticated methods to steal sensitive information. According to the agency, the malware employs “advanced techniques, including screen overlay attacks and remote device control, to steal sensitive information such as banking credentials and personal data.”

NITDA explained that the malware primarily spreads through phishing emails and fraudulent websites. These deceptive platforms trick victims into downloading malicious software by disguising it as legitimate updates or documents. Once installed, the malware can bypass security protections, giving attackers unauthorized access to users’ devices. The agency warned that this could result in significant financial losses and potential identity theft.

The agency urged the public to exercise caution and adopt recommended security measures to mitigate the risk. “Cyber threats like Grandoreiro are evolving, and users need to stay vigilant and adopt robust security practices to protect their information,” the agency advised.

NITDA recommended avoiding links and attachments from unknown emails, downloading software only from trusted sources, and enabling multifactor authentication for online banking and financial accounts. The agency also emphasized the importance of keeping antivirus software updated, avoiding public Wi-Fi for financial transactions, and regularly monitoring bank accounts for unauthorized activities.

