Increased internet usage, mobile-money ubiquity and the spread of cashless services in Kenya have conspired to create a lucrative environment for cyber criminals to thrive.
“Don’t send money on the other phone number, use this line,” this is a message many Kenyans have received on their mobile phones. It is among the most circulated in the country by fraudsters, targeting mobile-money users, and many people have fallen for it and lost cash.
Cybercriminals in the east African nation have devised many ways to steal from mobile-money and internet users, both corporates and individuals. At the end of December 2018, Kenya’s total number of active internet subscriptions stood at 46 million, up from 33 million of a year earlier, according to the Communication Authority of Kenya (CA). One of the factors that have contributed to the rise in internet use is the increased adoption of smartphones and social media.Many government and private organizations like banks have also automated their services, making it convenient for citizens to use the internet.
Stolen data
On the other hand, mobile money use continues to soar, with Kenya’s 45 million subscribers transacting a record Sh1.06 trillion in the first quarter of 2019, up from 36 billion dollars for the whole year in 2018, according to the Central Bank.
Some of the organisations increasingly targeted by fraudsters, in addition to ordinary Kenyans, are banks, savings and credit societies, government agencies and telecommunication companies.
Kenyan companies lost $300 million (Sh30 billion) to cybercriminals last year, up from $210 million (Sh21.2 billion) in 2017, as the fraudsters stepped up their activities, Serianu, a firm that monitors cyber-attacks, said on Tuesday.
“This includes 80 million dollars in direct cost from money lost in attacks or ransom paid to free up stolen data and over 200 million dollars in indirect costs involving buying of equipment and software, training personnel and monitoring systems to prevent attacks,” noted Serianu chief executive William Makatiani.
The attacks organisations in Kenya face include data breaches, data manipulation, email phishing, abuse of privilege access and system misconfigurations.
In the last quarter of 2018, according to the latest CA data, there was an increase in the number of cyber threats in Kenya, with attacks standing at over 10.2 million in the three months, compared to 3.8 million in the previous quarter.
Banks and credit societies are some of the easy targets, according to Serianu, with attackers leveraging on database manipulation. Peter Chacha, a journalist in Nairobi, is among ordinary Kenyans who have recently lost cash to fraudsters. For the past one week, Chacha has been frequenting his bank trying to figure out how 200 dollars was withdrawn from his account, although he did not do the transaction.
“The bank has informed me it is investigating and that in case I was not involved, I would get my money back,” he said on Wednesday. “I am hopeful all will go well.”
To help curb fraud, Kenyan banks and telecommunication firms are educating the public on how to stop the crime, reminding customers to secure their bank and mobile-money passwords and report scam messages.
Bernard Mwaso of the Nairobi-based Edell IT Solution noted that with increased internet and mobile-money usage, cybercrime is here to stay.
Stay informed. Subscribe to our newsletter
The Standard Group Plc is a
multi-media organization with investments in media platforms spanning newspaper
print operations, television, radio broadcasting, digital and online services. The
Standard Group is recognized as a leading multi-media house in Kenya with a key
influence in matters of national and international interest.
join