A United States federal court in Boston has sentenced a Nigerian national, Matthew A. Akande, to eight years in prison for orchestrating a sophisticated cyber fraud scheme that targeted tax preparation firms and defrauded the U.S. government of over $1.3 million.
The 37-year-old, who had been residing in Mexico, was also ordered to pay $1,393,230 in restitution and to serve three years of supervised release following the completion of his prison term. The sentence was delivered on Tuesday by U.S. District Judge Indira Talwani, according to a statement released by U.S. authorities on Wednesday.
Akande’s scheme, prosecutors revealed, involved a combination of phishing emails, malware attacks, and identity theft to access the computer systems of Massachusetts-based tax preparation companies. Using these tools, he and his accomplices stole personal information from taxpayers and filed more than 1,000 fraudulent tax returns over a five-year period, resulting in over $8.1 million in attempted refunds.
“Matthew A. Akande, a Nigerian national living in Mexico, was sentenced by U.S. District Court Judge Indira Talwani to eight years in prison, followed by three years of supervised release. He was also ordered to pay $1,393,230 in restitution,” the statement said.
Akande was arrested in October 2024 at London’s Heathrow Airport at the request of U.S. authorities and was subsequently extradited to the United States on March 5, 2025. He had been indicted in July 2022 on multiple charges, including conspiracy, wire fraud, unauthorized computer access, theft of government funds, and aggravated identity theft.
The court documents describe Akande’s operation in detail. Between June 2016 and June 2021, he and his co-conspirators sent fraudulent emails to tax firms, posing as potential clients seeking tax services. These emails contained instructions that tricked employees into installing remote-access trojan malware (RAT), including a program known as Warzone RAT.
Once installed, the malware allowed the group to gain access to sensitive client data, including personally identifiable information (PII) and prior-year tax records. Using this stolen data, Akande’s network filed fraudulent tax returns requesting refunds, which were then directed into bank accounts opened by his co-conspirators in the United States.
“Akande and his collaborators used the RAT malware to obtain taxpayers’ personal and prior-year tax information. They then filed fraudulent returns seeking refunds, which were deposited into accounts controlled by co-conspirators in the U.S. Portions of the money were transferred to third parties in Mexico under Akande’s direction, while the rest was retained by the conspirators,” the statement said.
Investigators confirmed that more than $1.3 million was successfully diverted through the scheme, though the total value of attempted refunds exceeded $8.1 million.
The U.S. Department of Justice emphasized that the case highlights the growing threat of cyber-enabled tax fraud, particularly when orchestrated across international borders. By targeting both the computer systems of legitimate tax firms and the sensitive information of individual taxpayers, Akande’s operation represented a sophisticated, coordinated attack on government resources.
Akande’s criminal history, combined with the scale of the scheme, played a significant role in the severity of the sentence. Judge Talwani noted that while the defendants’ actions were “grave,” the lack of physical harm to individuals influenced the decision to impose a prison term rather than a more extreme penalty.
Federal authorities described the sentence as a clear warning to other individuals considering cross-border cybercrime. The combination of international cooperation, extradition procedures, and rigorous investigation demonstrated the U.S. government’s commitment to prosecuting offenders who exploit technology to defraud taxpayers.
“Akande’s conviction underscores the risks posed by phishing attacks, malware deployment, and identity theft schemes targeting financial systems. It serves as a deterrent to other would-be cybercriminals,” the Department of Justice said in the statement.
The case also highlights the importance of robust cybersecurity measures for financial institutions and tax preparation firms, particularly in an era of increasingly sophisticated cyber threats. Authorities urged companies to invest in employee training, security software, and monitoring systems to prevent similar intrusions in the future.
Matthew Akande will remain in U.S. federal custody until the start of his prison term and will begin serving supervised release following his sentence, during which time he will be subject to strict monitoring and restrictions on financial activities.