Most scammers and cybercriminals operate in the digital shadows and don’t want you to know how they make money. But that’s not the case for the Yahoo Boys, a loose collective of young men in West Africa who are some of the web’s most prolific—and increasingly dangerous—scammers.
Thousands of people are members of dozens of Yahoo Boy groups operating across Facebook, WhatsApp, and Telegram, a WIRED analysis has found. The scammers, who deal in types of fraud that total hundreds of millions of dollars each year, also have dozens of accounts on TikTok, YouTube, and the document-sharing service Scribd that are getting thousands of views.
Inside the groups, there’s a hive of fraudulent activity with the cybercriminals often showing their faces and sharing ways to scam people with other members. They openly distribute scripts detailing how to blackmail people and how to run sextortion scams—that have driven people to take their own lives—sell albums with hundreds of photographs, and advertise fake social media accounts. Among the scams, they’re also using AI to create fake “nude” images of people and real-time deepfake video calls.
The Yahoo Boys don’t disguise their activity. Many groups use “Yahoo Boys” in their name as well as other related terms. Our analysis found 16 Yahoo Boys Facebook groups with almost 200,000 total members, a dozen WhatsApp channels, around 10 Telegram channels, 20 TikTok accounts, a dozen YouTube accounts, and more than 80 scripts on Scribd. And that’s just the tip of the iceberg.
In general, the companies do not allow content on their platforms that encourages or promotes criminal behavior. The majority of the Yahoo Boys accounts and groups we identified were removed after we contacted the companies about the groups’ overt existence. Despite these removals, dozens more Yahoo Boys groups and accounts remain online.
“They’re not hiding under different names,” says Kathy Waters, the cofounder and executive director of the nonprofit Advocating Against Romance Scammers, which has tracked the Yahoo Boys for years. Waters says the social media companies are essentially providing the Yahoo Boys with “free office space” to organize and conduct their activities. “They’re selling scripts, selling photos, identifications of people, all online, all on the social media platforms,” she says. “Why these accounts still remain is beyond me.”
The Yahoo Boys aren’t a single, organized group. Instead, they’re a collection of thousands of scammers who work individually or in clusters. Often based in Nigeria, their name comes from formerly targeting users of Yahoo services, with links back to the Nigerian Prince email scams of old. Groups in West Africa can be often organized in various confraternities, which are cultish gangs.
“Yahoo is a set of knowledge that allows you to conduct scams,” says Gary Warner, the director of intelligence at DarkTower and director of the University of Alabama at Birmingham’s Computer Forensics Research Laboratory. While there are different levels of sophistication of Yahoo Boys, Warner says, many simply operate from their phones. “Most of these threat actors are only using one device,” he says.
Lauren Goode
Matt Simon
Tess Owen
Charlie Wood
The Yahoo Boys orchestrate numerous scams—from romance scams to business email frauds. They typically “bomb” potential victims by firing up hundreds of messages on dating apps or Facebook profiles. According to Waters, they will say anything to garner more money.
Looking up the Yahoo Boys on Facebook, two warnings appear: The results are potentially linked to fraudulent activities which are not allowed on the site. Ignoring the warnings exposes Yahoo Boy groups with thousands of members—one group even has over 70,000.
Within these groups—filled with posts marketing SIM cards and albums filled with hundreds of photos—the scammers push individuals towards other messaging platforms like Meta’s WhatsApp or Telegram. This is where the Yahoo Boys really come into their element. Some groups and channels on these platforms see hundreds of posts a day, and they are a part of their extensive network of operations.
After WIRED approached Facebook about the 16 groups they had identified, those groups were removed by the company and some of the associated WhatsApp groups were also deactivated. Al Tolan, a spokesperson for Meta acknowledged that “Scammers exploit every accessible platform to defraud people and they constantly adapt to avoid getting caught”. Tolan didn’t elaborate on the specifics of the deleted accounts, or discuss the ease with which they were located, he did however emphasize that “Purposefully exploiting others for monetary gain is against our policies and we take action when we’re informed of it. We invest in enhancing our technology and collaborate with law enforcement so that scammers can be prosecuted. We also consistently offer advice on various ways people can protect themselves, their accounts and avoid scams.”
The groups on Telegram were removed after WIRED communicated with the company’s press office, although they did not give any response as to why they had removed them.
Across all social media platforms, scammers known as Yahoo Boys share “scripts”. These scripts are used as tools to socially manipulate people, they can extend to several thousand words and are often copy-pasted across different victims. A number of these scripts have been around for many years. Ronnie Tokazowski, who is the chief fraud investigator at Intelligence for Good, and assists victims of cybercrime, says “I’ve seen some scripts that delve into 30-60 layers before the scammer needs to come up with something original to add into the conversation”. It is specifically through these scripts that the scammers manipulate their victims according to Tokazowski.
The scams come in various forms – The scammers sometimes pretend to be military officers, they may offer “hookups”, impersonate the FBI, pose as doctors, and even people searching for love. A typical “good morning” script includes several messages that the scammers can then send out to potential victims. One such message reads “In a world full of deceit and lies, I feel lucky when see the love in your eyes. Good morning”. But not all script lines are this innocuous.
The Yahoo Boys have been behind a recent wave of sextortion across the United States and elsewhere, says Paul Raffile, an intelligence analyst at the Network Contagion Research Institute who is closely tracking the criminals. Broadly speaking, during sextortion, a scammer will use intimate or explicit images to try to get someone to pay them money. “The Yahoo Boys are the principal threat actor behind the surge of sextortion that we’re seeing over the past 18 months,” Raffile says. “They are responsible for forcing dozens of teens to suicide.”
Lauren Goode
Matt Simon
Tess Owen
Written by: Charlie Wood
In a series of posts on one Telegram channel, an individual involved in cybercrime demonstrated how to execute a sextortion scam. They described how they fooled individuals into sharing explicit images, and detailed the methods so others could commit the same fraudulent acts. One alleged message from the criminals read: “Hey I am posting your naked pictures on social media and Facebook. Am not just posting it am sending copies of it to your area,” the message ends with a demand for $700.
Sextortion guides and examples just like these are disseminated on all social media platforms. WIRED discovered at least 80 on the document-hosting service Scribd. After being contacted by WIRED, Scribd removed the offending documents. A representative of the company stated that there are limits on the allowable content and that both automated and manual reviews take place to delete inappropriate material. “We’re continually expanding the range of our content moderation to cover a wider variety of text and image violations,” the spokesperson added. Some of these guides had been publicly available since 2020, and other scam guides were recommended in a “reading suggestions” section after the removal of the initial scripts.
According to Raffile, the group known as the Yahoo Boys have prospered online due to the lack of regulation surrounding their illegal content. “They act with reckless abandon, thinking they will never get caught,” Raffile explains.
Beyond the messaging platforms, the Yahoo Boys have a presence on TikTok and YouTube. “We design our app to be inhospitable to those who seek to exploit our community and we’ve removed this content for violating our policies,” a TikTok spokesperson says.
“Our policies prohibit spam, scams, or other deceptive practices that take advantage of the YouTube community,” a YouTube spokesperson says. “We also prohibit videos that encourage illegal or dangerous activities. As such, we have terminated the flagged channels for violating our policies and our terms of service.” They add that the company removed accounts for breaching policies about harmful content, spam, and generally violating its terms of service.
The accounts posted tutorials about how to scam people, link to groups on messaging apps, and promote technology for fake video calls. On TikTok, multiple accounts include carousels of images that the scammers can use in their efforts to create believable personas. Some of these include posts of elderly women for scammers who are in “need of grandma pictures for proof” of their fake identities and others for scammers who “need kids pics” for their victims.
As well as being a threat to thousands of people around the world, the Yahoo Boys can be quick to adopt new technologies. David Maimon, a professor at Georgia State University and the head of fraud insights at the identity-verification firm SentiLink, has monitored Yahoo Boys for years and says their techniques have evolved alongside new technologies.
“To build rapport with victims, the fraudsters first used text messages, then started sending recorded audio messages, to now using deepfake tools to communicate with victims live,” Maimon says. “On some of the markets we now also see the use of cloned voices. It is now accompanied with sending physical items to victims such as presents, food deliveries, and flowers.” Within some groups, they use “nudification” tools to turn photos of people clothed into nude photos, and deepfake video calls.
While the Yahoo Boys have been active for years, all the experts spoken to for this piece say they should be treated more seriously by social media companies and law enforcement. “It’s time that we start looking at Yahoo Boys as a dangerous organization, transnational organized crime, and start giving it some of those labels,” Raffile says.
