A years-long digital crime network orchestrated tax refund fraud targeting the U.S. government, as a Nigerian national received an eight-year prison sentence. The Justice Department detailed how Matthew Abiodun Akande, 37, coordinated a sophisticated operation involving cyber intrusions and financial deception. Security experts have noted increased activity by international cybercriminal groups around annual tax filing periods, with the latest sentencing underlining persistent vulnerabilities. The case highlights the growing challenge authorities face with cross-border cybercrimes seeking financial gain through identity theft and digital infiltration.
Similar tax-related cybercrime schemes have been documented by law enforcement in the U.S. since at least the early 2010s, often involving phishing, malware, and identity theft. Previous cases typically targeted individual taxpayers rather than intermediary firms. Unlike many earlier incidents that used simple phishing emails, Akande’s operation incorporated advanced remote access trojans such as Warzone RAT, demonstrating evolving tactics among fraudsters. Consistent patterns involve laundering funds through networks of co-conspirators within the U.S. and abroad.
How Did Akande and His Team Breach U.S. Tax Firms?
Matthew Abiodun Akande, operating from Mexico along with at least four collaborators, infiltrated the networks of tax preparation firms over a five-year period ending in June 2021. Prosecutors say the group used phishing emails designed to deceive employees at Massachusetts-based tax companies, installing Warzone RAT malware to gain unauthorized access. Sensitive client information was then extracted, enabling fraudulent tax returns to be filed using the stolen data.
What Was the Scale and Impact of the Fraudulent Tax Filing?
Akande and his associates submitted over 1,000 fake tax returns, seeking more than $8.1 million in refunds, according to court records. Their efforts resulted in over $1.3 million in illicit funds acquired from the IRS, with some returns directed into U.S. bank accounts set up or accessed by co-conspirators. Stolen money was withdrawn in cash and transferred to third parties, primarily in Mexico, as authorities outlined.
How Did the Arrest and Sentencing Occur?
Akande’s eventual detention took place at London’s Heathrow Airport in October 2024, followed by extradition to the U.S. in March 2025. Prosecutors charged him with a range of offenses, including conspiracy to access protected computers, wire fraud, and aggravated identity theft. In court, Akande admitted guilt to all charges. Speaking to the seriousness of the crimes, the Justice Department announced:
“The defendant orchestrated a sophisticated scheme to steal millions from the government through identity theft and computer intrusion.”
Akande’s lawyer emphasized his client was not living lavishly during his time in Mexico and noted his cooperation with authorities. During sentencing, Akande stated:
“I acknowledge the harm my actions caused and take full responsibility for my conduct.”
The persistent risk of cyber-intrusions targeting financial institutions remains a concern, especially when criminals take advantage of global networks and advanced malware. Experts recommend tax practitioners adopt stringent cybersecurity measures, including staff training on email threats and the deployment of endpoint detection tools against malware like Warzone RAT. This case demonstrates the ability of law enforcement agencies to collaborate across borders in apprehending and prosecuting perpetrators involved in digital financial crimes. For the public, it serves as a reminder of the importance of protecting personal data and recognizing the roles that tax professionals and institutions play in safeguarding sensitive information.
