If you have a cellphone, bank card and online access, chances are you have had to thwart several cybercrime attempts in the past month.
That is no coincidence.
Cybercrime is now one of the fastest-growing forms of crime in Africa, costing about US$3 billion a year across the continent, according to Interpol’s 2025 Africa Cyberthreat Assessment.
In Southern Africa, South Africa is the largest cybercrime target because of its advanced digital technology. In West and East Africa — primarily Nigeria, Egypt, Kenya, Morocco, Tunisia, Ghana and Côte d’Ivoire — it accounts for more than 30% of all reported crime, according to the assessment.
Phishing scams (tricking victims into revealing personal information) are the most common offences, followed by ransomware (infecting systems and demanding payment to restore access), business email compromise (impersonating executives or suppliers in email communications to trick companies into transferring money) and digital sextortion (online blackmail where someone threatens to share sexual images).
Rapid digitalisation — mobile payments, fintech, e-commerce and social media — combined with limited cybersecurity capacity and legal frameworks, makes African countries particularly vulnerable.
A large share of incidents involves identity-related attacks (phishing, impersonation, account takeover), making up nearly half of cyber incidents in the East African region.
One of the biggest shifts in cybercrime is that criminals no longer need deep technical skills to ply their trade; they can simply enter dark web forums or encrypted platforms such as Discord or Telegram and buy or rent tools such as phishing kits, ransomware packages, malware and scam scripts, known as “cybercrime-as-a-service”.
Far from individuals operating on their own, many of today’s cybercriminals are sophisticated, working in large, well-organised ecosystems.
Members specialise in different roles.
For instance, one person builds a scam tool (software designed to steal usernames, passwords, et cetera), another runs the scam (sending out large volumes of messages or contacting victims) and another launders the money, typically moving it into mobile money wallets such as M-Pesa or cryptocurrency.
“If you follow the money of cybercrime, you find a broad group of participants from a cross-section of communities,” said Adrian Van Nice, supervisor of the Sexual Assault Unit for the Boulder County, Colorado, district attorney’s office in the US, during a recent webinar held by the Pan African Justice Initiative (PAJI).
“This is why collaboration between law enforcement agencies across borders is so important. These relationships need to be built in advance, so when I need to have someone extradited, I know who to go to,” she said.
The PAJI webinar examined Africa’s response to cybercrime, highlighting a major problem facing most countries on the continent: investigating cybercrime is prohibitively expensive, requires scarce skills (digital forensic experts, malware specialists, blockchain analysts) and investigators must continuously train and upgrade tools to keep up with new malware variants and AI-assisted attacks.
“It costs a lot of money for the training, the computers and the software that you have to renew every year and to keep up to date with current trends.
“Everything I know about digital forensics could be useless if there’s an update on a phone tomorrow as I won’t be able to view any of the data anymore,” Matt Beers, a digital forensic examiner in Boulder County, Colorado, told webinar attendees.
Bringing cybercriminals to book is, at best, a long process, taking months, if not years. “The slowest part is the investigative work, building your case,” said Beers.
In East Africa, cybercrime is strongly linked to gender-based violence and human trafficking, Evelyne Mboya, officer-in-charge at the cyber division of the Anti-Human Trafficking and Child Protection Unit at the Directorate of Criminal Investigations in Kenya, told the PAJI webinar.
“There are many romance scams and non-consensual sharing of intimate content followed by blackmail and extortion (sextortion),” she said, adding that the money typically moves through cryptocurrency.
Paradoxically, cryptocurrency enables cybercrime because of its anonymity features but law enforcement can still track flows using blockchain analytics, tracing transactions between wallets and following money across exchanges.
Last year’s Operation Serengeti, a large-scale Interpol-coordinated cybercrime crackdown on organised networks across the continent, recovered $97.4 million and 1 200 arrests were made.
Operation Sentinel, conducted by Interpol across 19 African countries late last year, targeted ransomware, business email compromise and digital extortion, resulting in 574 arrests and $3 million recovered. Thousands of malicious links were dismantled.
Blockchain analytics helps follow the money but real-world success — such as Operation Serengeti and Operation Sentinel — comes from linking digital traces to real people through coordinated, cross-border investigations.
Initiatives such as the African Joint Operation against Cybercrime are making good progress but not all countries have equal capabilities; information sharing can still be slow or fragmented and legal frameworks differ across countries.
Thus, to get these cases to the point of arrest, intelligence-led policing (data plus analytics) has to be backed by cross-country collaboration and well-funded institutional capacity that provides continual learning geared to outpace cybercriminals.
Good Governance Africa’s head of liaison and advocacy, Karim Singh, identified this need for more comprehensive enablement in the fight against corruption.
“Speaking at the African branch of the International Organisation of Supreme Audit Institutions (Afrosai-E) in Johannesburg last month, he said: “The auditor of the future must be part data scientist, part investigator, part lawyer, to ensure that every finding is ‘litigation-ready’.”
While institutions and law enforcement are catching up, most cyberattacks still succeed because they exploit human behaviour rather than technical weaknesses. Consumers are the frontline of defence against cybercrime.
Awareness remains critical. Typical red flags include pressure to act urgently, official-looking emails with errors in the address, website links with misspellings, requests for PINs for unexpected payments and crypto schemes promising fast profits.
Young women are a high-risk group, as they routinely fall prey to sophisticated romance scams that begin with fake identities, trust-building and emotional manipulation and progress to gradual financial extraction.
Kim Robinson, PAJI executive director, noted in a Channel Africa interview that awareness needs to extend to gender dynamics in communities.
“What are we telling our sons about how to treat women in their lives? What are we telling girls and women about what they can expect in relationships? We have access to people around us that we can influence and that can have an effect in preventing the crime in the first place.”
Ultimately, if community awareness is sufficiently heightened, alongside improved coordination, the right technical resources and timely legal action, the advantage cybercriminals have gained will begin to weaken.
Helen Grange is a writer and sub-editor at Good Governance Africa.
Most cyberattacks succeed because they exploit human behaviour rather than technical weaknesses. Consumers are the frontline of defence against cybercrime
