By 
When Sylvia Wanjiru received a million-shilling payment from a client, a call from a “bank representative” followed within minutes, offering to “confirm” the transaction. It wasn’t coincidence. Soon, her parents fell victim too, losing pension payouts after responding to a fake suspension alert sent via text.
Such cases are becoming alarmingly common in Kenya. Victims report calls within minutes of deposits, fraudulent alerts, and rapid withdrawals—patterns suggesting access to real-time customer information. Investigators and insiders say the real danger lies not with hackers alone, but with collusion from bank staff and mobile money agents.
Cyber-threats surge
The Central Bank of Kenya’s (CBK) Financial Sector Stability Report 2025 shows cyber fraud in the banking sector more than doubled in 2024, with reported cases rising from 153 to 353. Losses nearly quadrupled to KES 1.5 billion ($11.6 million). The Communications Authority (CA) also logged 7.9 billion cyber threats in just eight months of 2025—double the 2024 total.
Despite CBK assurances of banking sector “resilience,” victim accounts and law enforcement reports point to a shadow industry of fraud rings, some operating like call centres in Nairobi neighbourhoods. Ex-risk officers say bank employees monitor accounts and tip off syndicates, who quickly launder stolen funds through mobile wallets or crypto channels.
Scale and collusion
Kenya’s largest retail lenders—Equity Bank, KCB Group, and Co-operative Bank—are prime targets, with their vast transaction volumes offering cover for fraudulent activity. Pensioners, traders, and salaried workers remain the easiest prey.
But the schemes can also turn deadly. In April, a teacher was murdered after withdrawing KES 285,000 ($206), with investigators suspecting insider leaks from tellers. Equity Bank, which initially reported a “sophisticated hack” in 2024, later faced allegations of internal collusion to siphon billions through disguised transfers.
Banks respond with housecleaning
Mounting fraud has forced lenders to take drastic action. Equity Group announced the dismissal of 1,500 staff in May, with CEO James Mwangi vowing to “protect customers and the bank” regardless of the scale of job cuts. Similar purges have occurred at KCB, NCBA, Absa, and Co-operative Bank, with Equity extending its crackdown to Uganda after staff-linked fraud emerged there.
A blurred battlefield
The Banking Fraud Investigations Unit (BFIU) says the boundary between cybercrime, insider theft, and organised racketeering is increasingly indistinct. A phishing text might initiate fraud, but stolen data often comes from insiders, laundered through mobile money networks and shielded by corrupt law enforcement.
The deeper risk, experts warn, is erosion of trust. Many customers no longer know whether their losses stem from hackers or insiders—and many choose not to report. To reassure investors, banks often frame fraud as “cyber threats,” even when investigations reveal human collusion.
As Kenya’s financial system expands, the weakest link may not be firewalls or encryption, but the people inside the system—those with real-time access to customer records.
Comments