Skip to main contentSkip to navigationSkip to navigation
Experts attribute the surge in cybercrime in Africa to rapid growth of internet use as a result of the Covid pandemic.
Experts attribute the surge in cybercrime in Africa to rapid growth of internet use as a result of the Covid pandemic. Photograph: Tony Karumba/AFP/Getty Images
Experts attribute the surge in cybercrime in Africa to rapid growth of internet use as a result of the Covid pandemic. Photograph: Tony Karumba/AFP/Getty Images

Gangs of cybercriminals are expanding across Africa, investigators say

This article is more than 1 year old

Online scams such as banking and credit card fraud are the most prevalent cyberthreat, says Interpol

Police and investigators fear organised gangs of fraudsters are expanding across sub-Saharan Africa, exploiting new opportunities as a result of the Covid-19 pandemic and the global economic crisis to make huge sums with little risk of being caught.

The growth will have a direct impact on the rest of the world, where many victims of “hugely lucrative” fraud live, senior police officials have said.

Experts attribute the surge in cybercrime in Africa to rapid growth of internet use at a time when police forces and criminal justice systems have been weakened by the economic consequences of a series of major challenges.

“The Covid-19 pandemic has accelerated digitalisation around the world, but as life has shifted increasingly online, cybercriminals have exploited the opportunity to attack vital digital infrastructure,” said Prof Landry Signé, a senior fellow at the Brookings Institution and author of a recent report on the problem. “States across Africa have emerged as a favourite target of cybercriminals, with costly consequences.”

Interpol have described online scams such as banking and credit card fraud as the most prevalent and pressing cyberthreat in Africa. The Covid-19 pandemic led to a sustained increase in the volume of cyber-attacks, including more than twice as many targeting online banking platforms, analysts at the organisation have said.

A major operation earlier this month coordinated by Interpol in 14 countries underlined the scale of the threat from cybercrime on the continent and beyond. Police arrested more than 70 alleged fraudsters linked to a Nigerian criminal network known as Black Axe in South Africa, Nigeria and Ivory Coast – as well as in Europe, the Middle East, south-east Asia and the US.

Almost 50 properties were searched and about $1m intercepted in bank accounts. A residential property, three cars, tens of thousands in cash and 12,000 sim cards were seized.

“It is way wider and broader than these 14 countries. We are dealing with a highly organised international network. These guys are not opportunists … We’re mapping them out around the world,” said Rory Corcoran, the acting head of Interpol’s new Financial Crime and Anti-Corruption Centre.

The recent raids across Africa targeted alleged members of Nigeria’s infamous Black Axe gang, which began as a student movement in Benin City in the 1970s but has since evolved into a global criminal network that specialises in fraud. A regional hub in South Africa was reportedly officially recognised by the Black Axe leadership in 2013, according to US legal documents viewed by the Guardian.

The trail leading to the arrests last month began in Ireland, when local police officers recovered phones and other devices belonging to fraudsters linked to Black Axe. Investigators recognised vocabulary typical of the group and were able to trace links back to west Africa.

A former South African criminal intelligence official said the impact of operations such as the arrests earlier this month should not be exaggerated, however.

“There may be a decrease in activity for a time, but does the organisation stop? Not really. They run these things really effectively and there are work arounds. You get a lot of publicity for law enforcement but really it’s little more than a speed bump for the criminals,” the official said.

Corcoran said arrests had a significant disruptive effect. Recently introduced improvements to coordination and communication between the banking sector and local police forces also allowed much more rapid tracking, seizure and restitution of stolen funds.

More than $120m has been seized this year, denying fraudsters such as Black Axe capital that could be reinvested in other forms of crime, such as forcing young west African women into sex work in Europe, buying weapons or the growing international traffic in methamphetamines.

The return of air travel after the pandemic has allowed fraudsters to move again between key hubs of activities, former investigators say. The United Arab Emirates, with its many air links and luxury lifestyle opportunities, has long been a favoured destination for west African fraudsters, for example. Dubai was a favourite base for Ramon Abbas, a flamboyant Nigerian who flaunted a lavish lifestyle fuelled by his efforts to launder millions of stolen dollars.

Abbas, under the name Ray Hushpuppi, had more than 2 million Instagram followers before he was arrested in 2020 in Dubai, the United Arab Emirates. His social media posts showed him living a life of luxury, complete with private jets, ultra-expensive cars, high-end clothes and $200,000 watches.

Ramon Abbas, aka Ray Hushpuppi, used to flaunt his lavish lifestyle on Instagram before his arrest. Photograph: Ray Huspuppi /Facebook

Earlier this month Abbas, 40, was sentenced in Los Angeles to more than 11 years in federal prison and ordered by a federal judge to pay $1.7m in restitution.

skip past newsletter promotion

Kenya is also a significant hub for digital extortion schemes, the FBI and Interpol believe, while South Africa is a major base for organised criminals operating across the continent.

“As well as hosting Black Axe groups, South Africa also helps enable their spread to other parts of the world … Black Axe members come to South Africa to obtain South African citizenship, which facilitates their travel to the US, Europe or Dubai,” Interpol said in a statement accompanying the raids this month. A second Nigerian network – known as the Air Lords – is also reported to be active in South Africa.

Many cyber frauds in Africa involve the use of online dating sites and apps to engage victims in fictitious romantic relationships in order to elicit money or personal and financial information.

“There’s been a significant growth in skills in the sector, with hacking and similar activities but also romance fraud. There’s an accumulation of experience about what to do and who to target,” said Mark Shaw, the director of the Global Initiative against Transnational Organized Crime.

A major romance fraud ring was cracked in October 2021 when seven members of Black Axe and a conspirator were arrested in Cape Town in a joint operation between the FBI, Interpol and South African police. The men were charged with running a fraud syndicate that had reportedly stolen $4m from about 100 US victims over a decade.

Gareth Newham, the head of justice and violence prevention at the Institute for Security Studies in Pretoria, said that the shortage of resources in cash-strapped economies was not the only problem allowing organised crime to flourish on the continent.

“The budget is not necessarily the issue. The South African police force is very well resourced but there has been a massive deterioration in capability. This has been more about very poor political leadership than any lack of funding,” said Newham.

“At the moment, there is a combination of opportunities for money laundering and weakening law enforcement and a limited ability of the state to keep up with a big growth too in cyber activity. Organised crime has really taken off in the past decade [in South Africa], especially the past five years.”

There are concerns that a global focus on African fraudsters could reinforce dangerous stereotypes.

“In the collective imagination, people refer to these preconceived ideas, perhaps because these are individuals who are receiving emails … but only a small proportion of cybercrime is originating in Africa,” Signé said. “The attacks on advanced economies are not coming from Africa but from geopolitical competitors.”

More on this story

More on this story

  • Ticketmaster hit by data hack that may affect 560m customers

  • Dmitry Khoroshev named as alleged leader of ransomware gang LockBit

  • Russia-based LockBit ransomware hackers attempt comeback

  • Seized ransomware network LockBit rewired to expose hackers to world

  • Prolific cybercrime gang disrupted by joint UK, US and EU operation

  • ‘This is what survivors look like’: the romance fraud victims who want to help others

  • Social media platforms and police not tackling romance fraud, MPs told

  • Ransomware attack on China’s biggest bank disrupts US Treasury market

  • UK consumers lose £580m to fraudsters in first half of 2023, figures reveal

  • I couldn’t stop Parcelforce delivering my £2,000 wedding dress to a scammer

Most viewed

Most viewed