Fake investment scams, ransomware, digital sextortion and business email compromise are surging across the continent. Experts say African countries must do more to protect their citizens.
Rising digital dependency in the public and private sectors, along with “a severe lack of cybersecurity capacity,” have combined to make Africans extremely vulnerable, according to Anna Collard, senior vice president of content strategy for security software company KnowBe4 Africa.
“It means that Africa is an attractive target area for criminals,” she told ADF. “The majority of cybersecurity incidents go unreported or unresolved, meaning that cyber threats in Africa are likely much worse than recognized.”
In the past year, suspected scam notifications rose by a staggering 3,000% in some African countries, according to the Interpol 2025 Africa Cyberthreat Assessment Report.
“This fourth edition of the INTERPOL African Cyberthreat Assessment provides a vital snapshot of the current situation, informed by operational intelligence, extensive law enforcement engagement and strategic private-sector collaboration,” Interpol Cybercrime Director Neal Jetton said in a statement when the report was published on June 23.
“It paints a clear picture of a threat landscape in flux, with emerging dangers like AI-driven fraud that demand urgent attention. No single agency or country can face these challenges alone.”
Ransomware detections in Africa also rose in 2024, with South Africa and Egypt suffering the highest numbers — 17,849 and 12,281, respectively, according to data from Trend Micro.
Nigeria (3,459) and Kenya (3,030), two other highly digitized economies, followed on the ransomware list and suffered cyberattacks on critical infrastructure, such as a breach at Kenya’s Urban Roads Authority, and on government databases, such as hacks of Nigeria’s National Bureau of Statistics.
Business email compromise (BEC) incidents also rose significantly, as 11 African nations accounted for the majority of activity originating on the continent. In West Africa, BEC fraud has driven highly organized, multimillion-dollar criminal enterprises, such as transnational syndicate Black Axe.
“Cybersecurity is not merely a technical issue; it has become a fundamental pillar of stability, peace and sustainable development in Africa,” Acting Executive Director of Afripol Ambassador Jalel Chelba said. “It directly concerns the digital sovereignty of states, the resilience of our institutions, citizen trust and the proper functioning of our economies.”
Digital sextortion, in which criminals use sexually explicit images to blackmail their victims, rose sharply with 60% of African member countries reporting an increase in cases. Some of these images can be authentic — shared voluntarily or obtained through coercion or deception — or they can be generated by artificial intelligence (AI).
“Criminals are becoming more sophisticated, leveraging AI, automation and social engineering tactics to target victims at scale,” Collard said. “We’re seeing a troubling rise in financial scams, romance scams, business email compromise and digital sextortion, particularly targeting young people and the most vulnerable. What’s often invisible in the statistics is the human cost: mental health harm, financial ruin and trust erosion.”
The Interpol report detailed positive steps that some African member countries have taken to strengthen their cyber resilience by advancing their legal frameworks and harmonizing cybersecurity laws with international standards. Many countries also enhanced their cybercrime response capabilities, investing in specialized units and digital forensics infrastructure.
The improvements paid off with two high-impact international cybercrime operations coordinated by Interpol — Operation Serengeti and Operation Red Card — which together led to more than 1,000 arrests and the dismantling of hundreds of thousands of malicious networks.
Interpol proposed six strategic recommendations, including improving regional and international cooperation, expanding prevention and public awareness, and leveraging emerging technologies.
Collard, who is based in South Africa, said there is much work to be done.
“At a national and continental level, we must invest in training, cognitive resilience and reporting systems,” she said. “Equipping defenders isn’t just about tech — it’s about people. That’s why I advocate for digital mindfulness and cyber psychology to help people build habits of attention and discernment in a noisy online world.”
Collard’s urgent steps for individuals and communities:
- Pause before you click: Many scams rely on emotional manipulation: urgency, fear, romance or greed. A mindful moment of reflection can stop a scam in its tracks. Digital mindfulness is a key life skill nowadays.
- Enable security basics: Two-factor authentication, strong passwords and regular device updates are simple but powerful steps.
- Talk about it: Scams thrive in silence. The more people share experiences and raise awareness in schools, families and workplaces, the harder it becomes for criminals to succeed.