Whatever Happened to the Nigerian Prince?

Remember him? The deposed Nigerian prince with a frozen bank account and an inexplicable trust in you specifically to help move millions out of the country, for a modest advance fee? His emails were misspelled, his stories were laughably creative, and yet somehow, he often succeeded in his cons. 

Those emails were almost charming in their incompetence. But the prince didn’t disappear, he graduated. While the world was innovating and evolving, he went to Deepfake University, got an MBA in social engineering, and came back as a convincing fake replica of your CEO. Honestly, it’s enough to make even digital natives nostalgic for the era of rotary phones and “royalty” scams. At least back then, there was a face to the hustle. 

The Original Con: Where It All Started 

The Nigerian prince scam, also known as the 419 scam (named after the section of the Nigerian Criminal Code that outlaws this exact type of fraud), didn’t actually start in Nigeria or even in the 20^th century. Back in the late 1700s and early 1800s, there was a Spanish Prisoner scam, nearly identical to the Nigerian scam. A con artist writes to a stranger claiming to be a noble imprisoned under a false name, promising a share of his vast fortune in exchange for a small, upfront payment to secure their release. Some of the recipients would feel for the plight of this “wrongly imprisoned innocent” and send money back. While the con artist received the money, no fortune ever arrived for the victims of the scam.  

Fast forward to the 1980s and 90s: Nigerian scammers adapted the formula for the fax machine era, then supercharged it with society’s growing dependence on email. Suddenly, for the cost of an internet café session, a single fraudster could reach millions of inboxes globally. The grammar was terrible, and the sentence structure was sometimes awkward, but that was reportedly intentional. The language errors served to weed out skeptics early and leave only the most susceptible targets in the mix. Why bother wasting time on someone who would eventually catch on? 

The Glow-Up Nobody Asked For 

Here’s where the Nigerian prince takes a darker turn. What was once obvious and impersonal spam has now evolved into precise, high stakes attacks. 

Email Phishing 

This is still the entry point for most fraud, but today’s phishing emails don’t arrive with “Dear Beloved Sir.” They replicate your organization’s exact formatting, mimic your HR department’s email domain, or even arrive mid-thread in an existing email conversation you were already part of. AI tools have erased the grammar errors that used to give these messages away. What used to take a single scam operation days of manual work now takes, at most, minutes. 

Business Email Compromise (BEC) 

One of the emerging threats that are keeping security teams up at night has become the corporate evolution of the 419 scams, also known as Business Email Compromise. Instead of targeting individuals with promises of hidden fortunes, fraudsters now impersonate executives, vendors, or legal teams within the companies. This allows them to make demands of their victims under the guise of company or legal authority, pressuring immediate action. And often, the payload isn’t just $500 wired to a Lagos bank account, it can be multiple figures redirected from legitimate transactions into fraudulent accounts. In a fintech environment where wire transfers and payment instructions flow constantly, BEC is one of the most formidable threats on the table. 

Vishing (Voice Phishing) 

While it can be considered a type of phishing, I think it merits its own mention, especially for professionals who know better than to respond to a suspicious email but would absolutely pick up a call from what sounds like their CEO or organization’s security team. Voice phishing incidents surged 442% between the first and second half of 2024. Unlike a sketchy email, a live caller creates immediate pressure to act. And increasingly, that “caller” isn’t human at all. AI has reached a point where it can almost indiscernibly mimic familiar voices. 

The Deepfake Evolution 

The original Nigerian prince emails were intentionally bad. Absurdity was exactly the point. If the recipient was thinking, the prince was walking. But AI-powered fraud operates on a completely different principle: it’s designed to be indistinguishable from reality. 

Consider what deepfake fraud looks like in the present day. Scammers need as little as three seconds of audio to produce a convincing voice clone. In a now-infamous case, a finance employee at an engineering firm was invited to a Zoom call with what appeared to be his CFO and several senior colleagues, all of whom instructed him to authorize a series of wire transfers. Every face on that call was a deepfake. He transferred $25.6 million before the fraud was discovered.  

The contrast between modern fraud and 419-era scams is immense. Classic advance-fee fraud was more of a volume game. The net was cast wide, relied on naivety, and accepted a low conversion rate. Modern deepfake fraud is a precision game. There is research involved in finding the perfect target, replicating their trust network, and striking exactly once for maximum yield. The Nigerian prince wanted your $500. Now that he’s graduated from Deepfake University, he wants your company’s entire payment pipeline, with no guarantee that anyone would even be left with $500. 

The Numbers Are Getting Uncomfortable 

In the US in 2023, 27% of people who reported fraud said they lost real money. By 2024, that figure jumped to 38%. Romance fraud, a force to be reckoned with on its own, saw money sent to scammers jump 37% year-over-year. A report by TSB found that the average romance fraud victim makes 11 payments and loses £7,500 over the course of a 95-day “relationship”, with 58% of these scams starting on social media.  

According to the Deloitte Center for Financial Services, fraud losses in the US driven by generative AI are projected to climb from $12.3 billion in 2023 up to $40 billion by 2027 — a 32% compound annual growth rate. Worldwide, fraud costs already topped $5 trillion annually in 2019, up 56% over the previous decade. Over 2025 alone, an estimated $534 billion was lost due to fraud. These aren’t projections for some distant threat, it’s what the landscape looks like today. 

The five emerging tactics that are keeping fraud teams most alert: 

1. AI-powered fraud (deepfakes, AI phishing, voice cloning) 

2. Synthetic identity fraud 

3. Account takeover and credential stuffing 

4. Social engineering & BEC 

5. Exploitation of instant payments and real-time transactions 

The speed that makes real-time payments valuable is the same speed that makes fraud harder to reverse. 

So, What Do You Do? 

If you ask us, the Nigerian prince’s greatest legacy isn’t the money he stole, it’s the complacency and false sense of security he created. The world laughed at him and forwarded his emails as jokes and assumed that modern fraud would be equally obvious. How wrong we were. 

Fraud today succeeds not because people are careless, but because the attacks are engineered to bypass normal caution and mental red flags. A video call (that happens to be a deepfake) will not inherently be flagged as suspicious, especially for professionals who have days full of back-to-back calls. A BEC email that appears inside an existing thread, with your CFO’s exact writing style, won’t trigger your inner skeptic. When the prey is human nature and habit, the human layer alone is no longer sufficient defense. 

At Axletree, cybersecurity and fraud prevention aren’t an afterthought — they’re built into how we approach financial messaging and payments infrastructure. Verification protocols, anomaly detection, and layered authentication aren’t optional features in a world where a 10-second voice recording can indiscernibly impersonate your CEO. The Nigerian prince taught us to recognize a scam. The challenge now is building systems that can do what humans sometimes can’t: catch the ones that don’t look like scams at all. 

The prince is now educated, savvier, and considerably harder to spot. We might miss the rotary phones and the obvious emails, but the reality of 2026 requires a different kind of know and know-how. With Axletree, it’s not your susceptibility to fraud that’s evolving, it’s your institution’s growth. 

Want to talk about what robust fraud prevention looks like for financial institutions? Reach out to the Axletree team at info@axletree.com. We can help deduce the difference between Prince Charming and Prince Phishing. 

References: 

1. NSDA – National Stamp Dealers’ Association 

2. WhyFromNigeria.pdf 

3. Vishing attacks increased by 442% in the second half of 2024 | Security Magazine 

4. https://fortune.com/europe/2024/05/17/arup-deepfake-fraud-scam-victim-hong-kong-25-million-cfo/ 

5. https://tnsi.com/resource/com/five-ways-to-protect-your-voice-from-ai-voice-cloning-scams-blog/ 

6. https://www.ftc.gov/news-events/news/press-releases/2025/03/new-ftc-data-show-big-jump-reported-losses-fraud-125-billion-2024 

7. https://www.tsb.co.uk/news-releases/money-sent-to-romance-scammers-jumps-37-percent-in-a-year.html 

8. https://www.deloitte.com/us/en/insights/industry/financial-services/deepfake-banking-fraud-risk-on-the-rise.html 

9. https://seon.io/resources/total-cost-of-fraud/ 

10. https://learn.seon.io/hubfs/2025_Digital_Fraud_Outlook.pdf