TechPression

Category: Security

  • NITDA alerts Nigerians to fake Google Play Store site spreading Trojan

    NITDA alerts Nigerians to fake Google Play Store site spreading Trojan

    Hadiza Umar, the Head of Corporate Affairs and External Relations at the National Information Technology Development Agency (NITDA), issued a warning to Nigerians on Friday about a fake website that mimics the Google Play Store. 

    This fraudulent site, according to Umar, is distributing the Play Praetor Trojan, a new form of malware.

    “Cybercriminals are using fraudulent websites designed to mimic the Google Play Store to lure victims into downloading malicious applications,” she said.

    Tactics used to lure victims

    She explained that various social engineering techniques, such as phishing emails, malicious adverts, and SMS messages, were being used to spread the phoney Play Store URLs. 

    Related Post: Microsoft alerts crypto users about StilachiRAT malware stealing wallet data

    Umar claims that the Play Praetor Trojan, once downloaded via the fake website, gives hackers unauthorised access to the victim’s device.

    “This access can lead to data theft, credential harvesting, financial fraud, remote control of the device, and further malware deployment,” she warned.

    What to do

    She advised people to only download programs from trusted sources, such as the official Google Play Store.  

    Umar further advised users to verify the identities of app developers, read reviews before installing, and regularly update their devices and apps frequently to fix bugs.

  • Congo bolsters cybersecurity with $1.3 million

    Congo bolsters cybersecurity with $1.3 million

    On Tuesday, the Republic of Congo announced the allocation of 800 million CFA francs (approximately $1.3 million) to enhance its cybersecurity framework. This funding will support the operations of the National Agency for Information Systems Security (ANSSI), a body tasked with safeguarding the nation’s digital infrastructure.

    The announcement was made by Léon Juste Ibombo, Minister of Posts, Telecommunications, and the Digital Economy, during a meeting with ANSSI’s Director General, Oboulhas Tsahat Conrad Onésime, who was appointed in February 2025.

    The allocated budget addresses growing cyber threats by enabling ANSSI to deploy robust infrastructure, recruit skilled personnel, and develop tailored cybersecurity strategies. These measures are intended to improve the protection of information systems and foster trust in the nation’s digital ecosystem.

    Operating under the supervision of the Presidency and administered by the Ministry of the Digital Economy, ANSSI is responsible for managing digital threats, responding to cyberattacks, and coordinating national cybersecurity efforts. Despite these efforts, challenges such as a lack of trained cybersecurity professionals and limited public awareness persist.

    Challenges highlighted in Global Cybersecurity Index

    Congo’s urgency in investing is underscored by its ranking in the 2024 Global Cybersecurity Index by the International Telecommunication Union. The country scored 27.61 out of 100, placing it in Tier 4—an indicator of significant gaps in its cybersecurity capabilities.

    To address these gaps, ANSSI plans to train cybersecurity experts and raise awareness about digital security among institutions and citizens. Also, fostering stakeholder collaboration is essential to strengthening Congo’s defences against cyber threats.

    This initiative aligns with Congo’s broader National Digital Strategy 2025, which emphasises e-governance and digital trust. The strategy includes legislative measures, such as laws on data protection and cybersecurity adopted in recent years, to create a more secure digital environment.

    As cyber threats continue to rise globally, Congo’s investment marks a step toward fortifying its digital defences while addressing critical challenges in expertise and coordination.

    Edited.

  • Pi network enhances security with two-factor authentication for wallet confirmation

    Pi network enhances security with two-factor authentication for wallet confirmation

    In a significant step toward bolstering user security, Pi Network has introduced a two-factor authentication (2FA) feature for wallet confirmation. This update rolled out on March 13, 2025, mandates that some Pioneers—Pi Network’s dedicated community of users—complete 2FA using a trusted email address before their Pi tokens can be successfully migrated to the Mainnet blockchain.

    The move underscores Pi Network’s commitment to safeguarding its ecosystem as it transitions into a fully decentralised and operational blockchain.

    Read also: Ethena Labs and Securitize launch Converge, bridging TradFi and DeFi

    What is two-factor authentication (2FA)?

    Two-factor authentication (2FA) is a widely adopted security measure that adds an additional layer of protection to online accounts. Beyond a standard password, 2FA requires a second form of verification—such as a code sent to an email or phone—to confirm a user’s identity. For Pi Network, this second step involves verifying a trusted email address, ensuring that only the rightful account owner can access and manage their Pi wallet during migration.

    Why 2FA matters for Pi network

    Pi Network’s introduction of 2FA comes at a pivotal moment. With the recent launch of its Open Mainnet on February 20, 2025, Pi transitioned from a closed ecosystem to a fully decentralised blockchain, enabling external transactions and trading on various cryptocurrency exchanges. This shift has brought unprecedented opportunities for Pioneers to utilise their Pi tokens, but it has also heightened the need for robust security measures.

    The blockchain’s immutable nature means that transactions, once executed, cannot be reversed. 

    Additionally, Pi wallets are non-custodial, meaning users have complete control over their funds without relying on a third party. While this empowers users, it also puts the security responsibility squarely on their shoulders. By implementing 2FA, Pi Network aims to mitigate risks such as unauthorised access or wallet hijacking, ensuring that Pioneers’ hard-earned tokens remain secure during the migration to Mainnet.

    How it the two-factor authentication works for Pioneers

    For Pioneers who recently initiated their migration to the Mainnet and are still within the 14-day pending period, completing 2FA is now a mandatory step. The process begins with verifying a trusted email address. Some users may already have a registered email they can use, while others will need to set one up by completing a liveness check—a step that confirms the account owner’s identity.

    Once the trusted email is established, Pioneers will receive prompts—either after a mining session or via email notifications—to complete the 2FA process. This verification confirms their wallet, allowing their Pi tokens to be migrated successfully. Pi Network has emphasized that using an inaccessible or random email address will lead to verification failures, potentially locking users of their wallets or hindering future account recovery.

    Impact on the Pi ecosystem

    The introduction of 2FA enhances security and has implications for the broader Pi ecosystem. For instance, during the 14-day pending period, some accounts may see their Pi tokens temporarily returned if 2FA is not completed. This, combined with the wallet confirmation requirement, could temporarily drop circulating supply as tokens remain unmigrated until the process is finalised.

    Interestingly, Pioneers who successfully migrate their tokens may receive slightly more Pi than their original amount, thanks to additional mining sessions in the final tally. This feature reflects Pi Network’s focus on rewarding its community while maintaining a secure and reliable migration process.

    Read also: Microsoft alerts crypto users about StilachiRAT malware stealing wallet data

    Community response and market implications

    The announcement has sparked a wave of discussion within the Pi community, with many Pioneers welcoming the added security. Since the Open Mainnet launch, Pi Coin has experienced significant price volatility, surging to near $3 before stabilising around $1 as of mid-March 2025. The introduction of 2FA coincides with a recent price recovery from a crucial support level of $1, signalling renewed confidence among investors.

    Analysts suggest enhanced security measures like 2FA could bolster Pi Network’s credibility, especially as it vies for listings on major exchanges like Binance and Coinbase. With a user base exceeding 65 million active Pioneers and a market cap ranking it among the top cryptocurrencies, Pi is positioning itself as a serious contender in the digital asset space.

    As Pi Network continues to evolve, the release of 2FA for wallet confirmation marks a proactive step toward ensuring the safety and integrity of its ecosystem. For Pioneers, this update is a call to action—secure your wallets—and a reassurance that the network prioritises their interests. As the March 19, 2025, rollout progresses, all eyes will be on how this feature shapes user adoption, market sentiment, and Pi’s journey toward mainstream recognition in the cryptocurrency world.

    With its mobile-based mining model and ambitious vision of creating an accessible digital economy, Pi Network proves that security and scalability can go hand in hand. For now, Pioneers are encouraged to complete their 2FA set-up promptly to fully participate in the Mainnet era and safeguard their stake in this promising blockchain project.

  • Egypt’s central bank hosts Tanzanian delegation to boost cybersecurity cooperation in Africa 

    Egypt’s central bank hosts Tanzanian delegation to boost cybersecurity cooperation in Africa 

    Egypt is strengthening cybersecurity cooperation with African nations, as the Central Bank of Egypt (CBE) recently hosted a specialised technical team from the Bank of Tanzania (BoT).

    According to an official statement published by the CBE on Sunday, the visit took place over three days and focused on Egypt’s pioneering role in financial cybersecurity. 

    The Tanzanian delegation sought insights from Egypt’s Financial Computing Incident Response Team (EG-FinCIRT), a model recognised across Africa and the Middle East.

    Read also: Paratus Namibia enlist foreign cybersecurity experts to contain systems breach

    Enhancing cybersecurity in Africa’s financial sector

    The Tanzanian team responsible for operating the Financial Sector Computer Emergency Response Center (TZ-FinCERT), explored EG-FinCIRT’s advanced mechanisms for identifying and mitigating cyber threats in banking and finance. The visit aimed to leverage Egypt’s expertise in strengthening cybersecurity frameworks and enhancing Tanzania’s digital financial security.

    Sherif Hazem, CBE’s Sub-Governor for the Cybersecurity Sector, emphasised the significance of these exchanges. “Welcoming cybersecurity teams from African central banks underscores CBE’s leadership in securing financial systems. Our region’s first sector-specific CERT aligns with global cybersecurity advancements,” he stated.

    Strategic knowledge sharing for digital security

    Assistant Sub-Governor of CBE, Ibrahim Mostafa, highlighted the growing need for collaboration amid rising cyber threats. “Sharing knowledge and strengthening cooperation among cybersecurity response teams is essential as financial institutions increasingly rely on digital technologies,” he noted. 

    Egypt has been actively working on enhancing cybersecurity across its banking sector, introducing structured frameworks to secure financial institutions and fintech applications.

    During their visit, the BoT team gained insights into Egypt’s Financial Cybersecurity Framework, which outlines best practices for protecting digital banking operations. They also reviewed Egypt’s processes for evaluating financial institutions’ cybersecurity readiness and the approval protocols for digital banking solutions before they are launched in the market.

    Read also: Bybit loses almost $1.5 billion in landmark crypto heist, North Korea tops key suspects

    Egypt and Tanzania strengthen cybersecurity ties

    The visit was part of a broader initiative to foster cybersecurity collaboration among African nations. By sharing best practices and cybersecurity strategies, Egypt and Tanzania are working towards a more secure digital financial environment across the continent.

    Egypt’s commitment to regional cybersecurity leadership continues to grow, reinforcing its role as a hub for financial security expertise. As digital banking expands, partnerships like this will be crucial in safeguarding financial institutions from emerging cyber threats.

  • Meta advocates parental consent on app downloads for minors, Google says no

    Meta advocates parental consent on app downloads for minors, Google says no

    Meta and Google are at odds over new child safety laws that aim to regulate how kids download apps. The debate centres on whether app stores or app developers should be responsible for ensuring minors’ safety online.

    Read also: Instagram users exposed to violent content after Meta error

    Age verification and its implications

    Utah was the first state to require app retailers to verify users’ ages and acquire parental approval for children before downloading apps. X, Snap, and Meta have backed this action, claiming it allows parents greater control over their children’s online activities.

    However, Google strongly opposes the law, citing privacy concerns. Google’s public policy director, Kareem Ghanem, stated, “These proposals introduce new risks to the privacy of minors, without actually addressing the harms, inspiring lawmakers to act”.

    Google argues that the law would force app stores to share children’s age data with millions of developers, potentially exposing them to privacy risks. Instead, Google suggests that app stores should securely provide age assurances only to developers who genuinely need them, such as those offering potentially risky content. Meta counters that verifying ages at the app store level would eliminate the need for individual apps to collect sensitive personal information, thus upholding user privacy.

    Meta sees progress on parental controls but questions Google’s plan

    Meta has been advocating for laws that require app stores to give parents control over kids’ app downloads for over a year. Meta spokesperson Jamie Radice welcomed Google’s acknowledgement that age information could be shared with app developers but expressed uncertainty about how Google would decide which apps qualify for this data.

    Read also: Meta plans 50,000km undersea cables for enhanced global connectivity

    Radice emphasised, “The simplest way to protect teens online is to put parents in charge. That’s why legislation should require app stores to obtain parental consent before allowing children to download apps”.

    Apple has also raised concerns about excessive data collection, noting that parents might need to provide sensitive documentation for their children to access apps meant for minors.

    Meanwhile, Google proposes letting app developers decide the appropriate protections for specific age groups, as they are best positioned to understand their apps’ content. As more states examine similar legislation, this debate shows the difficulties of balancing internet safety and privacy. Utah’s bill was announced on Wednesday, a turning point in this clash.

  • EFCC releases full list of Ponzi scheme operators in Nigeria

    EFCC releases full list of Ponzi scheme operators in Nigeria

    The Economic and Financial Crimes Commission (EFCC) on Tuesday published a list of at least 58 companies that use Ponzi schemes, also known as illegal investment schemes, to defraud unsuspecting Nigerians.

    This action demonstrates the EFCC’s commitment to sanitising Nigeria’s financial system and protecting its citizens from fraudulent investment platforms.

    In a statement released on Tuesday, the EFCC stated that these companies are operating unlawfully due to their failure to register with the Central Bank of Nigeria (CBN) or the Securities and Exchange Commission (SEC).

    Read also: EFCC repatriates $120,000, N70.6 million to U.S., Spanish citizens scammed by Yahoo Boys

    The statement reads, “The Economic and Financial Crimes Commission, EFCC, hereby alerts Nigerians on the operations of 58 companies posturing as investing entities and defrauding innocent Nigerians of their hard-earned money.”

    “The companies are neither registered with the Central Bank of Nigeria, CBN, nor the Security Exchange Commission, SEC. The two regulators, in separate correspondences with the EFCC, denied that they are registered with them,” it added.

    Both regulatory bodies confirmed in separate letters that these organisations lack the necessary authorisation to function as investment businesses.

    Several of these companies have been sued by the EFCC. Five of the cases have already been found guilty, five are still awaiting arraignment, and five more have pleaded guilty and are awaiting a review of the facts.

    “The Commission has charged many of the companies to court, with five of them convicted, another five pleaded guilty but awaiting review of facts while the rest are pending arraignment,” the statement reads.

    How Ponzi schemes operate

    Ponzi schemes typically attract people seeking quick riches because they offer high returns with little to no risk. However, these schemes are not long-term viable because they rely on funds from new investors to provide returns to earlier investors. When the plan fails because fewer new investments are made, participants lose a lot of money.

    As demonstrated by these companies’ alleged involvement in fraudulent activities, due diligence is essential prior to making any investments.

    The EFCC reiterated its commitment to shielding Nigerians against financial predators and fraudulent investment schemes.

    “The EFCC assures the public of its vigilance and proactive monitoring of every entity and player in the nation’s economic space to safeguard the public from opportunistic and predatory operators and use the instrumentality of its anti-corruption mandate to stimulate growth in the economy.”

    In order to prevent further exploitation of Nigerians, the commission pledges to monitor the economy aggressively and continuously.

    Read also: EFCC announces online auction of 900 luxury vehicles seized from Yahoo Boys, corrupt politicians

    Below is the full list of the companies designated as Ponzi scheme operators by the EFCC:

    1. Wales Kingdom Capital

    2. Bethseida Group of Companies

    3. AQM Capital Limited

    4. Titan Multibusiness Investment Limited

    5. Brickwall Global Investment Limited

    6. Farmforte Limited & Agro Partnership Tech

    7. Green Eagles Agribusiness Solution Limited

    8. Richfield Multiconcepts Limited

    9. Forte Asset Management Limited

    10. Biss Networks Nigeria Limited

    11. S Mobile Netzone Limited

    12. Pristine Mobile Network

    13. Letsfarm Integrated Services

    14. Bara Finance & Investment Limited

    15. Vicampro Farms Limited

    16. Brooks Network Limited

    17. Gas Station Supply Services Limited

    18. Brass & Books Limited

    19. Annexation Biz Concept

    20. Maitanbuwal Global Ventures

    21. Crowdyvest Limited

    Other firms include:

    22. Jadek Agro Connect Limited

    23. Adeeva Capital Limited

    24. Oxford International Group and Oxford Gold Integrated

    25. Skapomah Global Limited

    26. MBA Trading & Capital Investment Limited

    27. TRJ Company Limited

    28. Farm4Me Agriculture Limited

    29. Quintessential Investment Company

    30. Adeprinz Global Enterprises

    31. Rockstar Establishment Limited

    32. SU. Global Investment

    33. Citi Trust Funding PLC

    34. Farm Buddy

    35. Eatrich 369 Farms & Food

    36. Globertrot Farmsponsors Nigeria Limited

    37. Farm Sponsors Limited

    38. Cititrust Credit Limited

    39. Farmfunded Agroservices Limited

    40. Adamakin Investment & Works Limited

    Additional firms include:

    41. Cititrust Holding PLC

    42. Green Eagles Agribusiness Solutions Limited

    43. Chinmark Homes & Shelters Limited

    44. Emerald Farms & Consultant Limited

    45. Ovaioza Farm Produce Storage Limited

    46. Farm 360 & Agriculture Company

    47. Requid Technologies Limited

    48. West Agro Agriculture & Food Processing Limited

    49. NISL Ventures Limited & Estate of Laolu Martins

    50. XY Connect Investment Limited

    51. River Branch Unique Investment Limited

    52. Hallmark Capital Limited

    53. CJC Markets Limited

    54. Crowd One Investment

    55. Farmkart Foods Limited

    56. KD Likemind Stakeholders Limited

    57. Holibiz Finance Limited

    58. Ifeanyi Okpe Oil & Gas Services

    59. Servapps Nigeria Limited

    60. Barrick Gold Mining Company

    61. 360 Agric Partners Limited

  • Elon Musk links massive cyberattack on X to Ukraine

    Elon Musk links massive cyberattack on X to Ukraine

    Elon Musk’s social networking network X experienced a significant outage on Monday as thousands of users complained about having trouble accessing the website.

    In response to the interruptions, Musk acknowledged that a major hack had hit X.

    “There was (still is) a massive cyberattack against 𝕏. We get attacked every day, but this was done with a lot of resources. Either a large, coordinated group and/or a country is involved. Tracing …,” he said.

    Read also: Elon Musk tests X’s live streaming feature

    Later that same day, Musk gave more information on the attack on X when he spoke with Larry Kudlow on Fox Business Network.

    He disclosed that they had identified “IP addresses originating in the Ukraine area” as the source of the attack.

    “We are not sure exactly what happened, but there was a massive cyberattack trying to bring down the X system, with IP addresses originating in the Ukraine area,” he said.

    Over 41,000 X users affected 

    According to DownDetector, a platform that tracks outages across various digital services, over 41,000 users reported issues around 10:03 a.m. EDT, with most complaints indicating problems with the app and website.

    Despite a decrease in reports following the peak, users continued to encounter disruptions, with between 25,000 and 36,000 complaints made between 11:30 a.m. and 1 p.m.

    Similar problems, which peaked at 22,766 complaints shortly before 6:00a.m. and seemed to subside an hour later, were reported earlier in the day at 5:43 a.m.

    Since Musk’s takeover, the platform has come under fire for its cybersecurity policies, and the attack raises questions about its security.

    Read also: TikTok bypasses U.S. App Store restrictions, offers direct Android downloads

    X’s plans to raise funds at $44 billion valuation 

    At a $44 billion valuation, X is reportedly in talks with investors to raise money. This valuation is the same as what Musk paid in 2022 to buy the business.

    For the social media behemoth, which saw a surge in user and advertiser attrition after Musk’s takeover and subsequent platform redesign, the possible funding round represents a dramatic turnaround.

    According to the sources, the company may decide to stop its fundraising efforts in the end, and the specifics of the financing round may still change while negotiations are still in progress.

    This would mark X’s first known round of funding since Musk took the business private in 2022. The possible round of funding follows X’s financial difficulties.

    Before the current talks, in December 2023, Fidelity Investments reduced the value of its ownership in X by roughly 70 percent from the $44 billion purchase price. But recent events point to a change in attitude.

    There has also been a favourable revaluation of X’s debt. It has been reported that Morgan Stanley completed the sale of $3 billion worth of X debt last week at face value, with no reduction.

    This is a big step up from previous attempts to sell the debt, which were greeted with resistance from possible buyers.

  • Three arrested in Morocco for dangerous social media stunts

    Three arrested in Morocco for dangerous social media stunts

    Police arrested three individuals in Temara, near Rabat, on Saturday evening for sharing videos on social media that depicted dangerous stunts and acts of arson.

    According to security sources, the suspects were involved in activities that posed significant risks to public safety and order, prompting their swift arrest.

    Read also: 33,320 recovered in Nigeria-Japan cybercrime operation; 11 arrested for romance scams

    Dangerous social media challenges spark concern

    The arrests followed an investigation by the National Security’s Cyber Surveillance Unit, which identified disturbing content circulating on social media platforms. The videos reportedly showcased dangerous behaviours, including setting fires in public spaces using plastic water guns filled with gasoline. The reckless acts endangered public infrastructure, private property, and the safety of bystanders.

    Authorities also discovered that the suspects were involved in hazardous driving stunts, endangering the lives of other road users. The activities, which were allegedly documented and shared to gain social media attention, have sparked concerns over the growing trend of risky online challenges.

    During the operation, police confiscated modified plastic water guns, ropes, small knives, and a rented vehicle used in the dangerous driving stunts. The suspects are currently under judicial custody as the investigation continues under the supervision of the public prosecutor’s office.

    Read also: Police release TikToker SeaKing for allegedly defaming RCCG’s Pastor Adeboye

    Social media challenges under scrutiny

    This incident has reignited debates about the impact of social media challenges on public safety. The trend of performing risky stunts for online popularity has led to increasing concerns about the safety of such activities.

    Moroccan authorities have been actively monitoring online platforms for dangerous content. Last year, Morocco’s Minister of Justice Abdellatif Ouahbi, announced plans to introduce stricter penalties for social media misconduct, emphasising the need to safeguard public safety and order.

    As the investigation unfolds, the arrests serve as a stark reminder of the consequences of engaging in reckless behaviours for social media fame. It also highlights the importance of responsible content sharing to ensure public safety and security.

  • ZainTECH, Fortinet partner to bolster cybersecurity in the Middle East

    ZainTECH, Fortinet partner to bolster cybersecurity in the Middle East

    On Tuesday, ZainTECH, the integrated digital solutions provider of Zain Group and Fortinet, a global cybersecurity solutions leader, announced a strategic partnership to enhance cyber resilience and digital protection for businesses throughout the Middle East.

    The collaboration combines Fortinet’s advanced cybersecurity technologies with ZainTECH’s regional expertise to meet the growing demand for robust cyber protection in the evolving digital environment.

    Read also: Kenya’s business data compromised in cyberattack, investigators rule out Ransomware

    Fortinet and ZainTECH: a partnership for regional cybersecurity

    The partnership will reinforce ZainTECH’s cyber resilience services, utilising Fortinet’s Security Operations Platform. ZainTECH has invested in building advanced capabilities and upskilling teams to deliver these services, ensuring businesses can effectively detect and mitigate cyber threats in real-time.

    Andrew Hanna, CEO of ZainTECH, stated, “By integrating Fortinet’s innovative technology with our tailored approach and technical expertise, we are well-positioned to deliver comprehensive and reliable cybersecurity solutions to our clients, empowering them to safeguard their operations while enabling growth and innovation”.

    Strengthening cyber defences across the Middle East

    The strategic partnership emphasises a shared commitment to improving cybersecurity resilience for organisations of all sizes and sectors in the Middle East.

    Alain Penel, Vice President of Sales, Middle East, Turkey & CIS, Fortinet, added, “This collaboration with ZainTECH will provide businesses with the tools they need to thrive securely. By joining forces, we are empowering organisations to navigate today’s complex cybersecurity landscape while accelerating their digital transformation journeys.”.

    ZainTECH is actively strengthening digital resilience by ensuring compliance with regulations and achieving Class C certification for cloud security. 

    The company supports the development of smart infrastructure, working with UL Solutions and regional governments to implement certified sustainable buildings and smart city technologies that align with Vision 2030’s sustainability goals.

    Read also: DeepSeek under threat from US-originated cyber attacks

    About ZainTECH 

    ZainTECH is a regional digital solutions provider that unifies Zain Group’s ICT assets to drive enterprise and government transformation in the MENA region. It offers managed solutions across cloud, cybersecurity, big data, IoT, AI, smart cities, and emerging technologies. 

    With a strong regional presence, ZainTECH capitalises on Zain’s extensive infrastructure and global reach, operating in Kuwait, Saudi Arabia, Bahrain, Jordan, Iraq, the UAE, and other key Middle Eastern markets.

    As a key part of Zain’s growth strategy, ZainTECH expands beyond telecom to drive innovation and support its vision as a leading ICT and digital provider.

  • Risevest denies SEC allegations, reaffirms registration

    Risevest denies SEC allegations, reaffirms registration

    On January 26, 2025, the Nigerian Securities and Exchange Commission (SEC) warned the public against investing in Risevest and Stecs. The warning cited that neither entity is registered or authorised to operate in Nigeria’s capital market. 

    However, Risevest has responded to these allegations, claiming that it is legally registered to operate under the Cooperative Society Laws of Lagos State.

    Read also: Nigerian fintech giant Risevest enters Kenyan market

    The SEC’s warning highlighted that Risevest and Stecs are engaged in unapproved investment schemes targeting unsuspecting individuals. The Commission emphasised that investing with unregistered entities poses fraud risks and potential financial losses. 

    Despite this, Risevest maintains that its operations comply with regulatory guidelines and are supported by licensed partners such as Meristem Trustees Limited and Chaka Technologies Limited.

    Response and legal standing

    Risevest has countered the SEC’s allegations by stating that its cooperative activities are registered under the Cooperative laws of Lagos State, with registration no. 17080.

    The company explained that its Nigerian operations are supported by SEC-licensed entities, enabling it to manage and invest users’ funds in local and global markets.

    Risevest has also contacted the SEC to clarify the concerns raised in the warning and assured its users that all services are operating as usual.

    In a statement, Risevest emphasised, “We have always operated in line with guidelines established by regulators to safeguard consumers.” The company said it was committed to delivering investment opportunities safely and competently.

    Read also: Risevest acquires fintech company Hisa to enter Kenya

    Meanwhile, the SEC continues to caution the public against engaging with unregistered entities, urging investors to verify the registration status of any company offering investment opportunities through official channels.

    The SEC’s warning follows a history of regulatory scrutiny. In August 2021, the Central Bank of Nigeria (CBN) froze accounts linked to several fintech firms, including Rise Vest, due to investigations into alleged illegal foreign exchange transactions. 

    Although these restrictions were lifted in July 2023, the SEC’s latest advisory underscores ongoing scrutiny of financial platforms operating in Nigeria. Risevest’s radio, billboard, and social media promotions have been recognised despite the SEC’s worries about its capital market credibility.