A United States federal court has sentenced 37-year-old Nigerian national, Matthew Akande, to eight years in prison for his central role in a sophisticated five-year cybercrime operation that involved hacking tax preparation firms and filing fraudulent tax returns to defraud the U.S. government.
U.S. District Court Judge Indira Talwani sentenced Akande yesterday to hold him accountable for the extensive financial harm caused by the fraud, which sought over $8.1 million in bogus refunds and exposed vulnerabilities in tax systems.
In addition to the prison term, the court ordered Akande to pay nearly $1.4 million in restitution to compensate the government and affected parties for losses incurred through identity theft and wire fraud.
Akande faced charges in a July 2022 indictment, including conspiracy to gain unauthorized access to protected computers, wire fraud, theft of government funds, and aggravated identity theft, pleading guilty to all 33 counts in April 2025.
He was arrested at Heathrow Airport in the United Kingdom in October 2024 and extradited to the United States in March 2025, demonstrating international cooperation in combating cross-border cybercrimes targeting financial institutions and government revenues.
Investigations revealed that Akande, along with at least four co-conspirators, illicitly accessed protected computer networks of multiple tax firms, stole sensitive client information, and submitted over 1,000 phony tax refund claims, ultimately securing more than $1.3 million in illicit refunds.
Co-conspirators, including Kehinde Hussein Oyetunji, a Nigerian resident of North Dakota, and two unnamed individuals, assisted in routing the fraudulent refunds to U.S. bank accounts, from which funds were withdrawn and transferred to Mexico under Akande’s direction.
The elaborate scheme, which spanned from 2016 to June 2021, saw Akande operating from Mexico, where he sent phishing emails to employees at five Massachusetts-based tax preparation companies, tricking them into installing remote access Trojan malware that enabled unauthorized data breaches.
Meanwhile, the U.S Federal authorities have encouraged all businesses that suspect they have been targeted or victimized by a cyberattack to file a complaint with the Internet Crime Complaint Center at www.ic3.gov.
“Taxpayers and tax preparation firms that suspect they have been targeted by phishing attacks can also forward suspicious emails to phishing@irs.gov..
