A growing share of reported crimes in Africa is cyber-related, according to INTERPOL’s 2025 Africa Cyberthreat Assessment Report.

Two-thirds of the Organisation’s African member countries surveyed said that cyber-related crimes accounted for a medium-to-high share of all crimes, rising to 30 per cent in Western and Eastern Africa.

Online scams, particularly through phishing, were the most frequently reported cybercrimes in Africa, while ransomware, business email compromise (BEC) and digital sextortion also remain widespread.

“This fourth edition of the INTERPOL African Cyberthreat Assessment provides a vital snapshot of the current situation, informed by operational intelligence, extensive law enforcement engagement and strategic private-sector collaboration,” Neal Jetton, INTERPOL Cybercrime Director, said. “It paints a clear picture of a threat landscape in flux, with emerging dangers like AI-driven fraud that demand urgent attention. No single agency or country can face these challenges alone.”

“Cybersecurity is not merely a technical issue; it has become a fundamental pillar of stability, peace, and sustainable development in Africa,” Ambassador Jalel Chelba, Acting Executive Director of AFRIPOL, added. “It directly concerns the digital sovereignty of states, the resilience of our institutions, citizen trust and the proper functioning of our economies.”

Africa’s top cyberthreats

In the past year, suspected scam notifications rose by up to 3,000 per cent in some African countries, according to data from Kaspersky – one of several private sector partners that works with INTERPOL’s cybercrime directorate.

Ransomware detections in Africa also rose in 2024, with South Africa and Egypt suffering the highest number, at 17,849 and 12,281 detections respectively according to data from Trend Micro, followed by other highly digitized economies such as Nigeria (3,459) and Kenya (3,030).

Incidents included attacks on critical infrastructure, such as a breach at Kenya’s Urban Roads Authority (KURA), and on government databases, such as hacks of Nigeria’s National Bureau of Statistics (NBS).

BEC-related incidents also rose significantly, with 11 African nations accounting for the majority of BEC activity originating on the continent. In West Africa, BEC fraud has driven highly organized, multi-million-dollar criminal enterprises, such as transnational syndicate Black Axe.

Sixty per cent of African member countries reported an increase in reports of digital sextortion, where threat actors use sexually explicit images to blackmail their targets. The images can be authentic – shared voluntarily or obtained through coercion or deception – or they can be generated by artificial intelligence.

Law enforcement challenges

Cybercrime continues to outpace the legal systems designed to stop it, according to African law enforcement. Seventy-five per cent of countries surveyed said their legal frameworks and prosecution capacity needed improvement.

At the same time, countries also reported struggling to enforce the existing laws on cybercrime, with 95 per cent of respondents reported inadequate training, resource constraints and a lack of access to specialised tools.

Despite rising caseloads, most African member countries surveyed still lack essential IT infrastructure to combat cybercrime. Just 30 per cent of countries reported having an incident reporting system, 29 per cent a digital evidence repository and 19 per cent a cyberthreat intelligence database.

While cybercrime routinely crosses national borders, 86 per cent of African member countries surveyed said their international cooperation capacity needs improvement due to slow, formal processes, a lack of operational networks, and limited access to platforms and foreign-hosted data.

Cybercrime investigations increasingly rely on cooperation from private sector partners, yet 89 per cent of African countries said their cooperation with the private sector needed ‘significant’ or ‘some’ improvement due to unclear channels for engagement, low institutional readiness and other barriers.

Strengthening cyber resilience

Nevertheless, the INTERPOL report also details positive steps that many African member countries have made to strengthen their cyber resilience.

Several African countries advanced their legal frameworks, harmonising cybersecurity laws with international standards. Many countries also enhanced their cybercrime response capabilities, investing in specialised units and digital forensics infrastructure.

This increased operational capacity was demonstrated in two high-impact international cybercrime operations coordinated by INTERPOL – Operation Serengeti and Operation Red Card – which collectively led to more than 1,000 arrests and the dismantling of hundreds of thousands of malicious networks.

To further improve Africa’s cybercrime response capabilities, the INTERPOL report proposes six strategic recommendations, including improving regional and international cooperation, expanding prevention and public awareness, and leveraging emerging technologies.

INTERPOL’s Africa Cyberthreat Assessment is part of the Organisation’s African Joint Operation against Cybercrime (AFJOC) initiative, which is aimed at strengthening the capability of African law enforcement to prevent, detect, investigate and disrupt cybercrime. The AFJOC initiative is supported by the United Kingdom’s Foreign, Commonwealth and Development Office.

In addition to information gathered from INTERPOL member countries in Africa, the Assessment benefits from data contributed by private sector partners Bi.Zone, Group-IB, Kaspersky and Trend Micro.

You can download the INTERPOL’s 2025 Africa Cyberthreat Assessment Report here.

Alternatively, to read more INTERPOL news, click here.