Kenya’s central bank blames hackers for mobile banking fraud, but insiders may be the real threat

Summary

Customers across Kenya report receiving calls or texts immediately after deposits or payments, followed by unauthorised withdrawals. While the Central Bank of Kenya (CBK) frames the problem as a rising cyber-threat, victim accounts, former bank compliance staff and investigators point to insider collusion: tellers, mobile-money agents and corrupt officials who access and pass on customer data to syndicates.

CBK data shows cyber-fraud cases more than doubled in 2024, and the Communications Authority recorded billions of cyber-threats in early 2025. But many incidents appear to be “inside jobs” — fraud rings operating like call centres, recruiting unemployed youth as faux customer-service agents and using mule accounts, mobile wallets and crypto to launder proceeds. Banks have responded by sacking staff; Equity Group publicly fired 1,500 employees in a crackdown.

The article argues the real risk to Kenya’s fast-digitising financial system is less about distant hackers and more about the human links inside banks, agents and sometimes law enforcement that blur the line between cyber-attack, insider theft and organised crime.

Key Points

Customers get calls or phishing texts immediately after transactions, indicating real-time access to account activity.
CBK recorded a jump in reported cyber-fraud cases in 2024 and rising monetary exposure, but many losses may be unreported.
Investigations and ex-staff describe organised rings that recruit staff and pose as customer-service agents to steal funds.
Fraud proceeds are laundered via mobile-money wallets, mule accounts and sometimes cryptocurrency.
Big retail banks are prime targets because huge transaction volumes let scams hide in the noise.
Banks have started large-scale dismissals (e.g. Equity Group) to rebuild trust and deter insider abuse.
Under-reporting and stretched regulators mean official figures likely understate the scale and human element of the problem.

Context and relevance

This story matters to anyone who uses Kenyan banks or works in fintech, risk or compliance. It highlights a shift in the threat landscape: rapid digital adoption increases exposure, but the weakest link is often staff with access to live customer data. The piece ties together regulatory figures, victim testimonies and insider accounts to show why focusing solely on “hackers” misses the bigger problem.

For policy-makers, banks and investors, the article underscores why stronger internal controls, better staff oversight, incentives alignment and improved incident reporting are essential as Kenya’s finance sector grows.

Why should I read this

Short version: if you bank in Kenya, build or regulate fintech, or worry about fraud, this is worth your five minutes. It flips the usual story — it’s often not a faceless hacker but someone inside who sees your transaction and cashes out. The article gives real examples, hard stats and actions banks are taking, so you get the picture fast without scrolling through dozens of reports.

Author style

Punchy — the reporting pulls no punches and makes the case that insider risk is as dangerous (or worse) than remote cyber-attacks. Important reading for stakeholders who need to act, not just nod.