The Nigerian Computer Emergency Response Team (ngCERT) has issued a cybersecurity advisory warning Nigerians and organisations across the country about the rising threat posed by stolen email passwords and login credentials.

Compromised accounts are increasingly being used to enable cybercrime, identity theft, financial fraud and other online attacks, the nation’s internet watchdog said.

The agency raised concerns over the large volume of email credentials exposed through data breaches and subsequently traded on dark web marketplaces and underground forums, where cybercriminals purchase them for malicious use.

According to ngCERT, billions of compromised email credentials are currently circulating online, making email accounts one of the most attractive targets for cyber attackers globally.

“Organisations and individuals are strongly advised to treat email security as a priority and take immediate steps to safeguard their accounts,” ngCERT said.

“Organisations and individuals are strongly advised to treat email security as a priority and take immediate steps to safeguard their accounts,” ngCERT said.

Credential theft and automated attacks on the rise, ngCERT says

The advisory explained that cybercriminals routinely harvest usernames, passwords and personal information leaked during data breaches, before selling the data in bulk to other attackers.

These attackers then deploy automated tools to test stolen credentials across multiple online platforms in a technique known as credential stuffing.

Because many users reuse the same passwords across different services, attackers are often able to gain access to multiple accounts using a single set of compromised login details.

ngCERT noted that once email accounts are breached, attackers can access sensitive communications, financial records, personal data and password reset links linked to other online services.

According to the agency, this allows cybercriminals to escalate access across multiple platforms associated with the same email address, significantly increasing the potential scale of damage.

Risks of identity theft, fraud and business email compromise

The advisory warned that successful exploitation of stolen email credentials can lead to unauthorised access to personal and corporate accounts, identity theft and financial fraud through misuse of banking and payment information.

It further highlighted that compromised accounts can be used to launch Business Email Compromise (BEC) attacks and sophisticated phishing campaigns. Because such messages originate from trusted email addresses, they are often more convincing and harder for victims to detect.

ngCERT also warned that exposed email accounts may lead to the leakage of sensitive personal and organisational data, potentially resulting in reputational damage, operational disruptions and significant financial losses.

The agency noted that the rapid expansion of digital services and online transactions has further elevated the importance of email security, as email accounts often serve as the central gateway to multiple personal and business platforms.

Security recommendations for users, organisations

To reduce exposure to cyber threats, ngCERT advised users to create strong and unique passwords for each email account and enable Multi-Factor Authentication (MFA) wherever available.

The agency also urged internet users to avoid password reuse across platforms and consider using reputable password managers to securely generate and store complex credentials.

As part of its guidance, ngCERT encouraged users to regularly check whether their email addresses have appeared in known data breaches using the Have I Been Pwned repository. Users whose credentials are found in breach databases are advised to change passwords immediately and closely monitor accounts for suspicious activity.

Additionally, the agency recommended vigilance against phishing attempts, caution against clicking suspicious links or attachments, and activation of login notifications to detect unauthorised access attempts in real time.

Organisational cyber hygiene, awareness

For organisations, ngCERT advised regular review of account access logs, deployment of spam filtering and anti-phishing systems, and strengthened cybersecurity awareness training for employees.

The agency also emphasised the importance of educating staff and family members on safe email practices and the risks associated with credential exposure.

According to ngCERT, improving awareness, strengthening authentication mechanisms and adopting strong digital hygiene practices remain critical to mitigating the growing threat posed by stolen email credentials and related cyberattacks.