Multi-Million Dollar Romance Scam Exploits City Bank Account: How Criminals Used Cryptocurrency and Gift Cards

A sophisticated romance fraud operation has exposed significant vulnerabilities in municipal financial systems, resulting in losses exceeding $1.3 million from the City of Norfolk’s corporate bank account. Federal prosecutors have brought charges against Habeeb Anibaba, a Nigerian national, in connection with an elaborate scheme that leveraged cryptocurrency transfers, gift card purchases, and traditional money movement tactics to systematically drain public funds.

The Scale of the Scheme: Over 900 Fraudulent Transfers

Court documents reveal that the illicit operation persisted for nearly a year, during which perpetrators executed more than 900 unauthorized ACH transfers targeting the city’s banking infrastructure. The sheer volume of transactions demonstrates a highly organized approach to financial fraud, with criminals operating across multiple channels simultaneously to obscure their activities and delay detection.

The investigation uncovered a deliberate methodological structure designed to maximize fund extraction while minimizing risk of immediate discovery. Federal authorities characterize the operation as a coordinated effort involving multiple actors working in concert to exploit both municipal financial systems and individual victims.

How Romance Fraud Became the Attack Vector

Targeting Vulnerable Individuals Through Dating Platforms

At the heart of this scheme lay a classic confidence operation: romance scammers impersonating legitimate romantic interests on popular dating platforms. Investigators identified at least six female victims, ranging from 20 to 30 years old, who were systematically manipulated through extended online communications designed to establish emotional trust and dependency.

The scammers followed a proven playbook, gradually building relationships before introducing financial requests. Victims believed they were assisting romantic partners facing genuine hardships, a psychological manipulation tactic that has proven devastatingly effective across countless fraud operations targeting lonely individuals seeking connection.

The Money Movement Chain: From Bank Account to Cryptocurrency

Once victims were psychologically primed, perpetrators issued explicit instructions directing funds into various accounts. The laundering strategy employed a multi-layered approach: victims transferred money directly to intermediary accounts, purchased gift cards for secondary conversion, and critically, engaged in cryptocurrency transactions designed to obscure the audit trail.

The use of digital asset transfers—including Bitcoin, Ethereum, and altcoins—provided scammers with significant operational advantages. Cryptocurrency’s pseudonymous nature and blockchain-based architecture created substantial difficulties for law enforcement attempting to trace and recover stolen assets. This integration of Web3 technologies with traditional romance fraud represents an evolution in financial crime tactics.

Municipal Financial Systems Under Siege

How Criminals Gained Access to City Banking Infrastructure

Perhaps most troubling, federal authorities have not publicly disclosed how perpetrators obtained the City of Norfolk’s banking credentials and account information. This knowledge gap raises critical questions about municipal cybersecurity protocols, employee vulnerability to social engineering attacks, and potential insider involvement.

The lack of transparency surrounding initial access vectors represents a significant concern for municipal governments nationwide. If account information was compromised through phishing, credential theft, or insider threats, countless other public agencies may face similar exposure without implementing appropriate defensive measures.

Detection and Investigation Response

Norfolk’s financial institution ultimately detected suspicious activity patterns associated with the account, triggering escalation to bank security teams. The city subsequently engaged federal law enforcement, specifically the Federal Bureau of Investigation, to conduct forensic analysis and transaction tracing across the fraudulent fund movements.

Investigators painstakingly reconstructed the transaction flow, identifying connection points between the compromised municipal account, individual victims’ finances, cryptocurrency wallets, and intermediary accounts used by the scam network. This complex investigative work required coordination between multiple agencies and financial institutions operating across different regulatory frameworks.

International Law Enforcement Coordination

Anibaba’s arrest in the United Kingdom marked a significant development in the investigation, with American federal prosecutors immediately initiating extradition proceedings. This international dimension underscores the transnational nature of modern financial crime, where perpetrators operate across borders while exploiting victims and institutions globally.

The extradition process, though still ongoing, represents American law enforcement’s commitment to holding international fraud operators accountable for crimes targeting domestic institutions and citizens. The case reinforces growing concerns about sophisticated criminal networks leveraging Web3 technologies, defi platforms, and cryptocurrency infrastructure to facilitate money laundering and evade traditional law enforcement mechanisms.

Recovery Efforts and Partial Resolution

Working cooperatively with financial institutions and law enforcement agencies, the City of Norfolk successfully recovered a substantial portion of stolen funds. However, despite these recovery efforts, total losses exceeded $1.3 million, representing a significant impact on municipal resources that could have been directed toward public services and community infrastructure.

The recovery process highlighted both the possibilities and limitations of financial institution cooperation in tracking and freezing illicit funds. While some assets were recoverable through traditional banking channels, cryptocurrency transfers proved substantially more difficult to trace and recover, particularly if assets had been transferred to decentralized exchanges (DEX) or self-custodied wallets.

Implications for Municipal Cybersecurity and Personal Financial Safety

This case serves as a cautionary tale for both government entities and individual users. Municipal institutions must implement robust authentication protocols, multi-factor verification systems, and comprehensive employee security training to prevent unauthorized account access. Additionally, public agencies should establish dedicated monitoring for unusual transaction patterns that might indicate compromise.

Individual citizens, particularly those active on dating platforms, must remain vigilant against social engineering attempts. Legitimate romantic partners will not request financial transfers, cryptocurrency transactions, or gift card purchases. Any such requests should trigger immediate skepticism regardless of relationship history.

Conclusion: The Evolving Threat Landscape

The Norfolk municipal fraud case exemplifies how classical confidence schemes have evolved by incorporating modern financial technologies. By combining romance fraud tactics with cryptocurrency transfers, gift card purchases, and sophisticated money laundering techniques, perpetrators have created hybrid attack vectors that challenge traditional law enforcement approaches.

As cryptocurrency adoption accelerates and blockchain technology becomes increasingly integrated into financial systems, both regulators and law enforcement must develop specialized expertise to combat crimes leveraging these emerging technologies. The intersection of social engineering, romance fraud, and digital asset transfers represents the future of financial crime—one that demands adaptive, coordinated responses from institutions, agencies, and informed citizens alike.