The Nigerian prince has to be one of the most persistent phrases in cybersecurity — not unlike the scammers it is named after. It is so popular that one can argue that it is more of a cultural phenomenon than it is a cybersecurity term, making appearances on TV — see “The Office”; music — see YUNG LIXO’s “Scam from Nigeria”; and in everyday conversations. When I was fundraising for an event, a colleague based in the United States told me it would be harder for me to get funding because I come from “the land of Nigerian princes.”
At first, I rationalized that this obsession was rooted in the very real harm that Nigerian cybercrime causes around the world. Over time, though, I realized that this was shortsighted — the “Nigerian prince” is not a neutral term, but one that is rooted in a deep bias that, whether accidental or intended, obfuscates conversations around cybercrime and paints Nigerians as cybercriminals until proven innocent. It has led to an entire strata of social engineering scams — cyber attacks that prioritze manipulation tactics rather than particular technological tools — being incorrectly labeled as “Nigerian prince scams” with a ripple effect for Nigerians around the world.
“We need to reexamine – and rewrite – the historical context of the Nigerian prince,” an app developer friend told me, while we discussed an incident where a prospective employer told him that they “had a thing” against hiring Nigerians. He talked about routine rejections from prospective employers who weren’t willing to “risk it.” He’s not the only one, Nigerians routinely talk about being discriminated against in the international market due to their nationality and presumed risk of cyber criminality.
Magicians in the Mail
In his book “This Present Darkness: A History of Nigerian Organized Crime,” Stephen Ellis recalls the first cases of advance fee fraud in West Africa. The scammers would pose as African magicians and write letters to potential victims, promising them talismans and charms in exchange for money sent in advance. Many of these letters were sent abroad; by 1947, the British government had intercepted around 9,570 such letters and recovered around 1,200 pounds.
When the Internet came to Nigeria, the scams went online. It was just a few years after Nigeria had gained independence and a crash in global oil prices had sent the country into an economic crisis. Many Nigerians started taking odd jobs, often working in manual labor to make ends meet. Others turned to cybercrime, updating the advanced fee scam format of the “African magicians” to fit the digital age. Scam letters became e-mails and the “yahoo boys” were born.
At first, the “yahoo boys” would pose as Nigerian princes who were willing to share their riches with someone, as long as the would-be recipient could send them some money in advance. Today, their stories have expanded into everything from a stranded soldier in need of money to the classic romance scam, encompassing everything from advance fee fraud to identity theft. All of them, however, are unofficially classified as variations of the “Nigerian prince” scam and the scammers are referred to as Nigerian princes — even if their scams bear no resemblance to the Nigerian prince scams of the past.
As a young Nigerian journalist who specializes in cybersecurity, I often think about how this drives forward the assumption that the majority of social engineering scams (advance fee fraud, in particular) originate in Nigeria and how this assumption has created an unwritten rule that Nigerians are cybercriminals until proven otherwise. Even though there are plenty of cybercriminals who use social engineering in countries like Romania and Ukraine, there are no “Romanian princes” and the media tends to treat European cybercriminals with far more nuance than it treats their African counterparts.
The “Nigerian prince” is not a neutral term, but one that is rooted in a deep bias that, whether accidental or intended, obfuscates conversations around cybercrime and paints Nigerians as cybercriminals until proven innocent.
Meanwhile, the idea of a “Nigerian prince” has expanded to refer to everything from advance fee fraud to identity theft, wire fraud, or even social security fraud. It pushes the narrative that whatever the crime, the social engineering required is rooted in the methods of the “Nigerian princes” from the early days of the Internet. However, even this attribution is incorrect — as far back as the 19th century, the Spanish Swindler plagued Britain, posing as a prisoner with hidden treasures, promising victims some of his riches if only they would pay to help free him.
Today, most cybersecurity researchers and professionals are careful with their language, motivated more out of a desire to help the public understand the nuances of advance fee scams than a desire to correct this narrative. Those who care about both stand out.
Dr. Suleman Lazarus, a visiting fellow at the Mannheim Centre for Criminology at the London School of Economics who specializes in the cultural circumstances of cybercrime in West Africa, said that the Nigerian prince scams ballooned in popular discourse because the stories make exciting copy. “It made [for] good news [material] that an African country that’s just gained independence was becoming popular for cybercrime,” he said in an interview.
“The Nigerian prince has more character than advance fee fraud or whatever because it is pegged on the identity of real people rather than an abstract term,” he continued, pointing out that this stereotype is rooted in racial and geographic bias and perpetuated by the media’s desire for sensationalism.
“People understand the places they can’t reach through the media, and the most repeated narrative of Nigeria as a young country was about the Nigerian prince,” he continued. “It set a legacy.”
Today, this legacy is sustained in movies and TV shows — and the victims of cybercrimes. Between 2018 and 2022, The US Internet Crime Complaint Center recorded a cumulative 3.26 million complaints and $27.6 billion lost to cybercrime, mostly to scams with some sort of social engineering element. The largest demographic of victims are people in their 50s and 60s who often lose their life savings and retirement funds. Up close, these scams are more than financial discomfort; they can lead to bankruptcy, separations, and even suicide.
Even though these cybercrimes can be traced to countries around the world, it is Nigerians who pay the price of disproportional discrimination.
“International response has gone beyond precaution,” writes Sharon Lin in a WIRED article titled “The Long Shadow of the ‘Nigerian Prince’ Scam.”
“Discriminating against Nigerian users may save companies from actual fraudulent activity, but it comes at the cost of subjecting innocent users to high levels of scrutiny, often involving their personal data and financial history,” the article continues. For example, Nigerians were banned from using PayPal for years due to fraud concerns.
For Dr. Lazarus, the media is responsible for keeping this stereotype alive.
“There are so many parts to fix concerning cybercrime in West Africa,” he conceded.“ But there is the role of discrimination that the language of media and international discourse has played too.”
This piece was edited by Allyn Gaestel and Anna Lekas Miller.