Subtle ways cybercriminals employ to con Kenyans
Criminals are taking advantage of the fear created by the coronavirus and social distancing rules to defraud Kenyans through cybercrime.
With most people opting to shop or transact online, companies and law enforcement authorities are reporting an upsurge in online scams.
Economic crimes and internet-related fraud have surged across the world since Covid-19 was declared a global health pandemic last month.
Kenya, whose cybercrime and fraud rates are ordinarily way above global and continental averages, according to various statistics, has caught on the criminal wave.
One of the most common ways identified by the Saturday Nation through which Kenyans are scammed is through “phishing”.
Phishing is a form of cybercrime where targets are contacted by email or text messages by scammers posing as legitimate institutions.
The targets are then lured to provide sensitive information, such as their passwords, banking and credit card details.
Such information may be obtained by asking targets to fill in some forms thinking they are performing legitimate transactions, or unknowingly logging in to websites.
The malicious websites, if clicked on through hyperlinks, enable the scammers to access computer or mobile phones and steal sensitive information, including money from bank accounts or, in the case of Kenya, mobile money.
Mobile telephony giant Safaricom has in the past few days been trying to clarify to its subscribers that it is not offering any cash relief to help Kenyans cope with the effects of coronavirus.
This is after subscribers reported receiving text messages relaying the fraudulent information.
“Safaricom PLC will be giving out Sh2,500 to all its users during this corona pandemic to help people while staying at home. Claim your share now,” says one of the fraudulent test messages seen by the Saturday Nation.
Attached to the message is a hyperlink to a website that has since been pulled down.
“We are not carrying out any such activity, and always avoid engaging such strange sites that could be used to access your account and defraud you,” reads one response from Safaricom to a subscriber who had almost been conned.
Cybercriminals are also targeting Kenyans through a website that claims the government will offer them free internet data if they click on it.
“All Kenyan citizens are entitled to free 200GB of data to stay at home to counter Covid-19,” says the fraudulent post by the phishing website that is currently doing the rounds on Facebook.
The National Transport and Safety Authority (NTSA), too, has been forced to clarify to motorists after a malicious page appeared on Facebook called “Smart DL” that has been telling people it is issuing smart driving licences.
NTSA on March 16 suspended most of its services, including the issuing of driving licences. Several government departments have also stopped or minimised the range of services they are offering until the coronavirus is under control.
Cybercriminals like the ones behind the “Smart DL” scam have taken advantage of Kenyans desperate to get government services in order to con them.
“We request members of the public not to transact through that page,” says NTSA on the “Smart DL” scam.
Apart from phishing, cybercriminals are trying conning Kenyans by pretending to offer services or goods online in order to get money out of them.
One such scam identified by the Saturday Nation calls itself “Inua Wananchi Sacco”, which claims it can offer those who register with it for Sh1,000 a payment of Sh800 weekly for the next eight weeks.
Its Facebook page and website were pulled down after we started making inquiries.
It is also believed that several people or organisations claiming to be selling items related to preventing Covid-19, like face masks, hand sanitisers and gloves, could be con men. They usually ask for payment upfront but fail to deliver.
The Directorate of Criminal Investigations (DCI) has warned Kenyans to be vigilant. “Members of the public are warned that criminals are using the Covid-19 pandemic to scam them through the circulation of phishing emails purporting to sell non-existent items, and messages that are accompanied by links that purport to offer free goodies like data bundles, money and airtime, among other things,” said the DCI.
“Messages accompanying such links are enticingly packaged with captivating words meant to prompt potential but unsuspecting victims to click onto them with a promise of getting something declared therein,” said the DCI.