•Online fraud accounts for more than 30% of all reported crimes

•Scam notifications rise by up to 3,000 per cent in selected African countries

The INTERPOL’s 2025 Africa Cyberthreat Assessment Report has indicated that a growing share of reported crimes in Africa is cyber-related,  rising to 30 per cent in Western and Eastern Africa during the year.

Online scams, particularly through phishing, were the most frequently reported cybercrimes in Africa, while ransomware, Business Email Compromise (BEC) and digital sextortion also remain widespread, the report stated.

INTERPOL Cybercrime Director, Neal Jetton, said: “This fourth edition of the INTERPOL African Cyberthreat Assessment provides a vital snapshot of the current situation, informed by operational intelligence, extensive law enforcement engagement and strategic private-sector collaboration.

“It paints a clear picture of a threat landscape in flux, with emerging dangers like AI-driven fraud that demand urgent attention. No single agency or country can face these challenges alone.”

Acting Executive Director of AFRIPOL, Ambassador Jalel Chelba, said: “Cybersecurity is not merely a technical issue; it has become a fundamental pillar of stability, peace, and sustainable development in Africa. It directly concerns the digital sovereignty of states, the resilience of our institutions, citizen trust and the proper functioning of our economies.”

In the past year, the report stated that suspected scam notifications rose by up to 3,000 per cent in some African countries, according to data from Kaspersky – one of several private sector partners that works with INTERPOL’s cybercrime directorate.

Ransomware detections in Africa also rose in 2024, with South Africa and Egypt suffering the highest number, at 17,849 and 12,281 detections respectively according to data from Trend Micro, followed by other highly digitised economies such as Nigeria (3,459) and Kenya (3,030).

Incidents included attacks on critical infrastructure, such as a breach at Kenya’s Urban Roads Authority (KURA), and on government databases, such as hacks of Nigeria’s National Bureau of Statistics (NBS), it added.

BEC-related incidents also rose significantly, with 11 African nations accounting for the majority of BEC activity originating on the continent. In West Africa, BEC fraud has driven highly organised, multi-million-dollar criminal enterprises, such as transnational syndicate Black Axe, the report said.

Sixty per cent of African member countries reported an increase in reports of digital sextortion, where threat actors use sexually explicit images to blackmail their targets. The images can be authentic – shared voluntarily or obtained through coercion or deception – or they can be generated by artificial intelligence, it added.

“Cybercrime continues to outpace the legal systems designed to stop it, according to African law enforcement. Seventy-five per cent of countries surveyed said their legal frameworks and prosecution capacity needed improvement.

“At the same time, countries also reported struggling to enforce the existing laws on cybercrime, with 95 per cent of respondents reporting inadequate training, resource constraints and a lack of access to specialized tools.

“Despite rising caseloads, most African member countries surveyed still lack essential IT infrastructure to combat cybercrime. Just 30 per cent of countries reported having an incident reporting system, 29 per cent a digital evidence repository and 19 per cent a cyberthreat intelligence database.

“While cybercrime routinely crosses national borders, 86 per cent of African member countries surveyed said their international cooperation capacity needs improvement due to slow, formal processes, a lack of operational networks, and limited access to platforms and foreign-hosted data, ” the INTERPOL report stressed.

Cybercrime investigations increasingly rely on cooperation from private sector partners, yet 89 per cent of African countries said their cooperation with the private sector needed ‘significant’ or ‘some’ improvement due to unclear channels for engagement, low institutional readiness and other barriers.

Nevertheless, the INTERPOL report also detailed positive steps that many African member countries have made to strengthen their cyber resilience.

Several African countries advanced their legal frameworks, harmonising cybersecurity laws with international standards. Many countries also enhanced their cybercrime response capabilities, investing in specialized units and digital forensics infrastructure.

This increased operational capacity was demonstrated in two high-impact international cybercrime operations coordinated by INTERPOL – Operation Serengeti and Operation Red Card – which collectively led to more than 1,000 arrests and the dismantling of hundreds of thousands of malicious networks, it added.

To further improve Africa’s cybercrime response capabilities, the INTERPOL report proposed six strategic recommendations, including improving regional and international cooperation, expanding prevention and public awareness, and leveraging emerging technologies.

INTERPOL’s Africa Cyberthreat Assessment is part of the Organization’s African Joint Operation against Cybercrime (AFJOC) initiative, which is aimed at strengthening the capability of African law enforcement to prevent, detect, investigate and disrupt cybercrime.

The AFJOC initiative is supported by the United Kingdom’s Foreign Commonwealth and Development Office (FCDO).