Influx of Fake Mobile Applications Fueling Cyber Fraud in Kenya

An influx of fake mobile applications in online stores such as App Store and Play Store has been found to expose Kenyans to increased cyber-attacks and fraud. This is according to the latest sector statistics report by the Communications Authority of Kenya (CA).

The report covering October-December 2018 shows a dramatic spike in malware attacks, targeting mobile devices and which has seen unsuspecting Kenyans defrauded in online platforms.

In the three months, the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC), detected 10.2 million cyber threats, up from 1.8 million reported in the previous quarter, 9 million of which were Malware attacks.

‘‘In particular, there was a rise in cases of malware and the sale of stolen data and credentials including personal data and credit card information,’’ notes the report in part.

The cyber threat events detected varied from Denial-of-Service (DOS) attacks which hampered the availability of computer services; online abuse which included online fraud, hate speech, incitement to violence and fake news; online impersonation via social media accounts and domain names; web application attacks which included website defacement and illegal access to online applications; Malware attacks which mainly included phishing attacks; and attacks perpetrated through the exploitation of misconfigured systems.

Related Content

• Why Kenyan Businesses Should Prioritize on Cybersecurity
• Kenya ranked third African Country committed to cybersecurity

During the period under review, cyber threat advisories were issued to the affected organizations marking a 91 percent increase from the advisories sent out to affected institutions in the previous quarter.

According to the report, cybercriminals usually target their attacks on end users who have limited cybersecurity skills.

In 2017 alone, reports indicate that Kenya lost an estimated 210 Million US dollars (21 Billion Shillings). This is approximately 57 million shillings per day.

33 percent of the cyber fraud cases were in the Banking and Financial Services sector which lost approximately 70 million USD (7 Billion shillings).

12 percent of the cases involved Mobile-based transactions which totaled to 25 million USD (2.5 billion shillings).