Kenyans Warned Over New Scam Fraudsters Are Using to Swindle Them

A file image of a woman using a phone.
A model illustration of a lady using a phone in an image dated 2019.
Simon Kiragu
Kenyans.co.ke

The Communications Authority of Kenya (CA) on Thursday, April 23 issued a public notice warning Kenyans over a new scam that has seen fraudsters wipe mobile money and bank accounts clean.

In the notice published on local dailies, CAK noted that the scam involved users receiving seemingly legitimate messages from the Communications Commission of Kenya (CCK), the precursor to CA, informing them that they had registered the maximum number of SIM cards for a single subscriber.

With a phone number provided for targeted individuals to supposedly receive assistance, the fraudsters proceed to trick the individuals into giving out crucial personal information such as national Identification (ID) card numbers, passwords, usernames, pins and credit/debit card details.

A user browsing through a smartphone for news.
A user browsing through a smartphone for news.
Simon Kiragu
Kenyans.co.ke

Using this information, the fraudsters go on to access various accounts; including social media, mobile money and bank accounts.

"It is important to note that mobile operators (or their agents) are the only entities authorised to register SIM cards.

"As the ICT sector regulatory agency, CA, therefore, would have no business seeking personal information from mobile subscribers for purposes of registration.

"In light of the foregoing, we urge the public to exercise caution and refrain from following the instructions in the messages including clicking on links provided on social media platforms," the regulator noted.

Kenyans were further urged to report similar cases to relevant authorities, with hotlines also provided.

Notably, there has been an increase in the reported cases of such scams, known as smishing scams, in various countries around the world in recent months.

On Wednesday, April 22, for example, it was reported by multiple outlets that the banking and mobile industries in the United Kingdom (UK) had joined forces with the nation's National Cyber Security Center (NCSC) to eradicate the scam.

The surge was linked to increased communication from government agencies to citizens during the Covid-19 pandemic, with fraudsters seizing the chance to craft seemingly official messages.

Other than being shared via text messaging, the scam can also be carried out through deceiving links on social media which, when clicked on, aid in the theft of personal information.

The system devised by UK authorities involved the creation of the SMS SenderID Protection Registry, which allows organisations to register the message headers used when sending messages to users.

Text messages sent out by fraudsters are cross-checked against the registry to confirm if they are legitimate and, if deemed fake, are not sent at all.

The program earned plaudits for being able to stop potential smishing attacks before they reach one's inbox.

Photo of a man using a phone in Nairobi
A man pictured using a phone in Nairobi
File
CGTN
  • .