Sting nabs Kenyans in global Ksh1.1B card fraud
Twenty-four Kenyans have been arrested in an international joint operation that seized Sh1.1 billion online credit card fraud targeting Kenyan financial institutions. Led by Interpol and the African Union police body (Afripol), the operation led to the arrest of the fraudsters where it was established that USD8.6 million was stolen through fraudulent scripts run after altering the banking system’s security protocol.
The funds were then promptly redistributed by the group via SWIFT Codes to the accounts of companies in the United Arab Emirates, Nigeria and China and subsequently, to digital asset institutions offering trading and financial services regulated in multiple jurisdictions.
The two global police bodies said the authorities across 19 African countries arrested a total of 1,006 suspects and dismantled 134,089 malicious infrastructures and networks.
The Afripol team has been in the country for the joint operation and is currently being chaired by the Inspector General of Police, Douglas Kanja.
The operation, codenamed ‘Serengeti’, targeted criminals behind ransomware, business email compromise (BEC), digital extortion and online scams, all identified as prominent threats in the 2024 Africa Cyber Threat Assessment Report.
Budapest Convention
“More than 35,000 victims were identified during the operation, with cases linked to nearly USD 193 million in financial losses worldwide,” Interpol said.
The organisation added that information provided by participating countries of ongoing cases with Interpol fed into cyber analytical reports to ensure actions on the ground were intelligence-led and focused on the most significant actors. Private sector partners, including Internet Service Providers (ISPs), also played a vital role by sharing intelligence, supporting analysis and disrupting criminal activities.
They also provided on-site support and offered round-the-clock remote assistance to patch vulnerabilities and secure critical infrastructure for the participating member countries.
“We’ve facilitated key arrests and deepened insights into cybercrime trends. Our focus now includes emerging threats like AI-driven malware and advanced attack techniques,” Ambassador Jalel Chelba, the Afripol Executive Director, said and noted that they have significantly enhanced support for law enforcement in AU member states.
According to the Interior Ministry, Kenya has enhanced its capacity in building a secure cyberspace and in the investigation of rising cyber-related crimes. The country has also joined an international convention, the Council of Europe (CoE) Convention on Cybercrime, otherwise known as the Budapest Convention.
The convention’s objectives include harmonising national laws related to cyber-related crime, supporting the investigation of these crimes and increasing international cooperation in the fight against cybercrime. It also provides for the criminalisation of conduct ranging from illegal access, data and systems interference to computer-related fraud and child pornography.
According to the Internal Security Principal Secretary Dr Raymond Omollo, joining the convention allows Kenya to have a legal basis for international cooperation on cybercrime and electronic evidence, participate in the negotiation of future instruments and the further evolution of the convention.
The PS had noted that as Kenyans become more reliant on technology, the threats they face grow more sophisticated and it was therefore essential that the country build strong cyber security capabilities to among other things protect the digital future and remain prepared.