ESET’s Allan Juma on the rising tide of cryptocurrency scams and cyber fraud

Cryptocurrency is being touted as Africa’s path to financial inclusion, but for a growing number of users it has become the bait in increasingly sophisticated fraud schemes. According to INTERPOL’s 2025 Africa Cyberthreat Assessment Report, suspected fraud notifications have risen by nearly 3,000% in some African countries, driven by everything from fake AI trading platforms and counterfeit smartphones loaded with malware, to hijacked social media accounts of prominent public figures being used to lend fake legitimacy scams.

TechTrends Media sat down with Allan Juma, Lead Cyber ​​Security Engineer at ESET East and Southern Africa, to unpack what’s fueling this boom, the tactics fraudsters are using to exploit Africa’s rapid digital adoption, and why the continent’s regulatory frameworks are struggling to keep up.

Allan also shares practical steps users can take to protect their funds and identities in an increasingly hostile digital landscape.

How would you describe the current landscape of cryptocurrency scams and cyber fraud in Africa?

Citing recent reports from bodies such as Interpol and Afrepol, the current landscape is an escalating security crisis. Notifications of suspected scams have increased, with INTERPOL’s 2025 Africa Cyberthreat Assessment Report revealing a rise of almost 3,000% in some African countries. Africa is both a source and a target for sophisticated cybercrime. The complexity of these threats ranges from locally run Ponzi schemes to complex, coordinated cross-border fraud syndicates. The continent’s rapid digital adoption has overtaken both regulation and financial literacy, creating an almost perfect environment for fraudsters.

What are some of the factors driving the rise of crypto-related fraud across the digital financial ecosystem in Africa? And what are some of the most common types of cryptocurrency scams targeting users in Africa?

The factors driving the rise of crypto-related fraud include economic vulnerabilities, where instability, currency devaluation and poverty make African users an attractive target, as well as literacy and oversight gaps, including financial illiteracy and weak regulation. Some of the most common types of crypto scams include Ponzi and pyramid schemes, fake AI-powered trading platforms, romance scams that flow into fake crypto investments, phishing via WhatsApp and SMS, business email compromise, and fraudulent mobile loan apps.

Why are investment-based crypto scams particularly effective at luring individuals?

Investment-based crypto scams are effective for several compelling reasons, making them very attractive to first-time investors across the continent. First, the region has seen explosive growth in mobile connectivity, along with a concerted effort to make Internet access more affordable for all. Second, this digital acceleration has coincided with a very young population eager to explore avenues of rapid wealth creation. The instability and tendency towards hyperinflation in many local currencies greatly increases this appeal, positioning crypto-investments as a seemingly attractive alternative.

What roles do fake trading platforms and fraudulent mobile apps play in these schemes?

Africa’s rapidly growing mobile and fintech ecosystems are fertile ground for fake apps and trading platforms designed to exploit human trust. Fraudulent apps are the vehicle of choice because mobile penetration in Africa has outstripped financial literacy and regulatory oversight. Researchers at Palo Alto Networks have uncovered a campaign responsible for creating a large number of scam crypto-investment platforms distributed via both websites and mobile apps, mainly targeting users in East Africa. Fraudulent loan applications are a particularly acute issue. Operation Red Card 2.0 (December 2025 – January 2026) specifically targeted this infrastructure behind high-yield investment scams, mobile money fraud and fraudulent mobile loan applications. A second major threat comes from counterfeit mobile phones, which act as a ‘Trojan horse’ for malware delivery. There are two levels to this:

Factory level pre-installed malware: Counterfeit versions of popular smartphone models are sold at discounted prices making them attractive to the masses. These phones are already infected with bloatware and malware configured to download malicious payloads, including infecting cryptocurrency apps with a stealer that intercepts transaction requests. The second level is a lack of standardization that creates a regulatory vacuum. The absence of a unified mobile device standard across Africa creates compounding risks where the continent is literally a dumping ground for all kinds of phones, the counterfeit, the inherently weak and the possible contamination of legitimate brands.

What are some of the warning signs that users often overlook when getting involved in crypto investment opportunities?

Despite the growing threat, the biggest red flags are often ignored. This includes:

Guaranteed returns: No legal investment can guarantee profit. Promises of 100% returns or companies with less than four years of operating history are classic but often ignored red flags. Urgency or immediate action: Scammers use this tactic to create a ‘Fear of Missing Out’ (FOMO) trigger, which preys on the desire for a quick windfall of money. Unverified apps or APK downloads: As mentioned earlier, fake apps are the driving force behind these scams.

What makes wallet theft and credential theft such a big threat in the crypto space?

Wallet and credential theft pose a major threat in cryptospace because they target the user’s private keys or login credentials, which are the sole controllers of access to funds and offer no possibility of recovery or reversal. Unlike traditional banking, there is no central authority to recover stolen assets once they have been transferred, meaning any successful breach is final. Attackers use highly scalable methods such as phishing websites, fake wallet apps, malicious browser extensions, and social engineering to trick users into revealing seed phrases or approving fraudulent transactions. These tactics exploit human error, urgency, and limited security awareness, especially in mobile-first environments where users often rely on unofficial apps or links. Once credentials are compromised, funds can be drained immediately, and victims are frequently retargeted by secondary “repair” scams, compounding the damage.

How do scammers exploit trust in social media platforms to promote fraudulent crypto schemes? Cybercriminals are increasingly taking over the social media accounts of high-profile African figures from Ghana’s President John Mahama to South Africa’s Julius Malema and in Kenya, the late Raila Odinga’s account to exploit their widespread influence and promote cryptocurrency scams. Apart from these account hijacking tactics, the DCI in Kenya dismantled the notorious Mulot boys cartel. This operation, carried out at the busy Mulot market, was part of a wider effort to combat digital fraud, which has become increasingly common in Kenya.

How well are the current regulatory frameworks addressing cryptocurrency scams and cyber fraud in Africa?

And what challenges do law enforcement agencies face when investigating cross-border crypto-fraud networks? The regulatory picture is improving but remains dangerously fragmented. As of 2025, countries such as Uganda, Tanzania, Cameroon and Zambia have no dedicated crypto laws or official licensing systems for crypto businesses, while Kenya only signed its Virtual Asset Service Providers Act into law in October 2025, and is still undergoing nationwide consultation on the newly drafted regulations. Even where frameworks exist, the application lags badly. In Nigeria, while the legal framework for virtual asset service providers exists under the Investments and Securities Act 2025, no active enforcement measures or penalties have been introduced. Law enforcement faces several core challenges: the pseudonymous and cross-border nature of cryptocurrency. Only 30% of African countries have incident reporting systems, 29% have digital evidence repositories and 19% have cyber threat intelligence databases. When perpetrators operate from foreign jurisdictions, the required international cooperation is slow and resource-intensive

What practical steps can users take to protect themselves from cryptocurrency scams and cyber fraud?

Users must:

Verify Licensing: Always confirm that the platform is officially licensed by the national financial regulator (eg the CBK in Kenya) before committing funds. Never click on unsolicited links: Go directly to official URLs. Never click on links received via SMS, WhatsApp or email. Enable multi-factor authentication: Implement multi-factor authentication on all crypto and financial accounts to add a necessary layer of security Be skeptical of app store apps: Only download apps from verified developers with substantial track records and independent reviews. Buy mobile phones only from authorized retailers to avoid devices with pre-installed malware and bloatware. Never share private keys or seed phrases with anyone, under any circumstances. Treat any promise of guaranteed profits as an automatic red flag. No legal investment can offer such certainty. If you suspect that remote access software such as AnyDesk or TeamViewer has been installed on your device under the guise of ‘technical support’, treat the device as compromised immediately.

Any closing comments?

Africa’s crypto and cyber fraud crisis is much more than a technology problem. This is the result of various factors such as economic hardship, infrastructural gaps, regulatory immaturity and the persistent exploitation of public trust by sophisticated criminal networks. If we fail to establish proper guardrails, the continent’s important digital financial revolution, meant to empower its people, will instead be weaponized against them. Addressing this requires a unified effort, where regulators, telecoms, financial institutions, device manufacturers and citizens all act together, as no single entity can close every gap. For now, awareness remains the most cost-effective and scalable defense we have.

Go to TECHTRENDSKE.co.ke for more technology and business news from the African continent and around the world.

Follow us on WhatsApp, Telegram, Twitter and Facebook, or subscribe to our weekly newsletter to ensure you don’t miss any future updates. Send tips to [email protected]