How the FBI Hunted Down a Nigerian Yahoo Boy Who Scammed a Trump Donor Out of $250,000

In late December 2024, as the United States buzzed with anticipation for Donald Trump’s 2025 presidential inauguration, a cunning cybercriminal in Lagos, Nigeria, executed a daring heist. Dubbed a "Yahoo Boy" in local slang for internet fraudsters, Ehiremen Aigbokhan allegedly masterminded a Business Email Compromise (BEC) scheme that siphoned $250,300 in cryptocurrency from a donor intending to support the Trump-Vance Inaugural Committee. This audacious scam, initially misreported as targeting Trump himself, sparked a high-stakes FBI investigation that showcased cutting-edge blockchain analysis and international cooperation. Here’s how the FBI tracked and pursued this elusive fraudster.

The scam was as bold as it was meticulous. On December 24, 2024, the perpetrator sent a phishing email impersonating Steve Witkoff, co-chair of the Trump-Vance Inaugural Committee. The email came from a spoofed address— @t47lnaugural.com nearly identical to the legitimate @t47inaugural.com, with a lowercase "L" replacing the "I." This subtle difference, often indistinguishable in standard fonts, tricked an unsuspecting donor into believing the request was genuine.

On December 26, 2024, the donor transferred 250,300 USDT.ETH, a stablecoin pegged to the U.S. dollar on the Ethereum blockchain, to a cryptocurrency wallet controlled by the scammer. Within two hours, the funds were funneled through multiple wallets, a common tactic to obscure the money trail. The operation’s sophistication suggested a seasoned fraudster, but the FBI was already on the case.

The FBI’s Washington Field Office, known for tackling complex cybercrimes, launched an immediate investigation. The agency’s first breakthrough came through blockchain analysis, a forensic technique that traces cryptocurrency transactions across the decentralized ledger. Unlike traditional bank transfers, cryptocurrency transactions are publicly recorded, but their pseudonymity makes identifying the owner a challenge. The FBI’s cyber division, however, was up to the task.

By analyzing the blockchain, investigators traced the stolen 250,300 USDT.ETH from the initial wallet (ending in 58c52) to several others. Within days, the FBI identified a Binance account registered to Ehiremen Aigbokhan, a Lagos-based individual with no prior transaction history on the account until the scam funds appeared in October 2024. This raised immediate red flags, as the account’s sudden activity aligned perfectly with the fraud.

The FBI didn’t work alone. Recognizing the international scope of the crime, they collaborated with Binance and Tether, the issuer of USDT. On December 31, 2024, Tether froze the implicated accounts, halting the movement of 215,000 USDT.ETH. The FBI recovered 40,300 USDT.ETH, including 20,017 from Aigbokhan’s personal wallet and 20,336 from another linked address. This amounted to over ₦60 million at the black market exchange rate, a significant win in the fight to reclaim the stolen funds.

Further digital forensics cemented Aigbokhan’s role. IP addresses tied to the fraudulent email logins consistently traced back to Lagos, Nigeria. The Binance account, created just two months before the scam, was linked to Aigbokhan through registration details and transaction patterns. The FBI’s findings painted a clear picture: this was a calculated operation by a “Yahoo Boy” exploiting the hype around Trump’s inauguration.

Yahoo Boys and BEC Scams

“Yahoo Boys” are a notorious subset of Nigerian cybercriminals, named after their early use of Yahoo email for scams in the 2000s. Specializing in romance fraud, phishing, and BEC schemes, they’ve evolved into a multimillion-dollar industry, costing victims billions annually. This case, however, stood out for its political target and high-profile nature. The scammer’s choice to impersonate a Trump ally during a U.S. presidential transition underscored the growing audacity of international cybercrime.

BEC scams, like the one Aigbokhan allegedly orchestrated, rely on social engineering. By mimicking trusted entities, fraudsters exploit human error—here, a donor’s trust in a seemingly legitimate email. U.S. Attorney Jeanine Ferris Pirro emphasized the need for vigilance: “All donors should double and triple check that they are sending cryptocurrency to their intended recipient. It can be extremely difficult for law enforcement to recoup lost funds due to the complex nature of the blockchain.”

The Legal Response and What’s Next

On July 2, 2025, the U.S. Attorney’s Office for the District of Columbia filed a civil forfeiture complaint to recover the 40,300 USDT.ETH, aiming to return it to the victim. The FBI is also pursuing an arrest warrant for Aigbokhan, though extradition from Nigeria remains uncertain. Nigeria’s Economic and Financial Crimes Commission (EFCC) has reportedly joined the effort, signaling potential cross-border cooperation.

The case has reignited calls for stronger cybersecurity in political fundraising. Assistant FBI Director Steven J. Jensen warned, “Impersonation scams take many forms and cost Americans billions in losses each year. Carefully review email addresses, website URLs, and spelling in any messages you receive.” The incident highlights the vulnerabilities of cryptocurrency transactions, where speed and irreversibility make recovery a race against time.