NAIROBI, May 15 (Xinhua) -- "Don't send money on the other phone number, use this line." This is a message many Kenyans have received on their mobile phones lately.
It is among the most circulated in the country by fraudsters, targeting mobile-money users, and many people have fallen for it and lost cash.
Cybercriminals in the east African nation have devised many ways to steal from mobile-money and internet users, both corporates and individuals.
Increased internet usage, mobile-money ubiquity and the spread of cashless services in Kenya seem to have created a perfect environment for the cybercriminals to thrive.
At the end of December 2018, Kenya's total number of active internet subscriptions stood at 46 million, up from 33 million of a year earlier, according to the Communication Authority of Kenya (CA).
One of the things that have contributed to the rise in internet use is increased adoption of smartphones and social media.
Many government and private organizations like banks have also automated their services, making it convenient for citizens to use the internet.
On the other hand, mobile money use continues to soar, with Kenya's 45 million subscribers transacting a record 1.06 trillion shillings (about 10.6 billion U.S. dollars) in the first quarter of 2019, up from 36 billion dollars for the whole year in 2018, according to the Central Bank.
Some of the organizations increasingly targeted by fraudsters, in addition to ordinary Kenyans, are banks, savings and credit societies, government agencies and telecommunication companies.
Kenyan companies lost 300 million dollars to cybercriminals last year, up from 210 million dollars in 2017, as the fraudsters stepped up their activities, Serianu, a firm that monitors cyber-attacks, said on Tuesday.
"This includes 80 million dollars in direct cost from money lost in attacks or ransom paid to free up stolen data and over 200 million dollars in indirect costs involving buying of equipment and software, training personnel and monitoring systems to prevent attacks," noted Serianu chief executive William Makatiani.
The attacks organizations in Kenya face include data breaches, data manipulation, email phishing, abuse of privilege access and system misconfigurations.
In the last quarter of 2018, according to the latest CA data, there was an increase in the number of cyber threats in Kenya, with attacks standing at over 10.2 million in the three months, compared to 3.8 million in the previous quarter.
Banks and credit societies are some of the easy targets, according to Serianu, with attackers leveraging on database manipulation.
Peter Chacha, a journalist in Nairobi, is among ordinary Kenyans who have recently lost cash to fraudsters.
For the past one week, Chacha has been frequenting his bank trying to figure out how 200 dollars was withdrawn from his account, although he did not do the transaction.
"The bank has informed me it is investigating and that in case I was not involved, I would get my money back," he said on Wednesday. "I am hopeful all will go well."
To help curb fraud, Kenyan banks and telecommunication firms are educating the public on how to stop the crime, reminding customers to secure their bank and mobile-money passwords and report scam messages.
Bernard Mwaso of the Nairobi-based Edell IT Solution noted that with increased internet and mobile-money usage, cybercrime is to stay.
"Increased consumer awareness and tightening of cyber security is the way to go to help curb the fraud but criminals are always ahead of their victims," he said.
"That is why in Kenya, even large organizations like the telecoms are struggling to keep up with the frequency and complexity of attacks targeting the firms themselves and their customers," Mwaso said.