A new report has lifted the lid on the biggest cyber threat of 2024—insider-led fraud—exposing how rogue employees helped criminals infiltrate financial systems and steal billions.

The Digital Identity Fraud in Africa Report reveals that insider-assisted account takeover fraud (ATO) surpassed traditional hacking methods such as phishing and credential stuffing, making institutions more vulnerable than ever.

West Africa recorded the highest number of cases, with major incidents also surfacing in East Africa.

Banks and fintech firms found themselves particularly exposed, as some of their own employees enabled fraudsters to bypass security systems.

Highlighting the extent of the problem, Mark Straub, CEO of Smile ID, noted that several banks were forced to take drastic action.

Read More

  1. Ogilvy Africa launches Ogilvy One to transform customer engagement
  2. Starlink unveils Nairobi PoP to reduce latency for its users across East Africa
  3. Africa urged to reclaim its narrative as media bias costs Sh544 billion annually

“In Q2 2024, Nigerian banks terminated multiple employees implicated in fraud, costing the sector billions. Similar cases were reported in Kenya and Uganda,” he said.

Unlike external cyberattacks, insider-assisted fraud presents a unique challenge because it can bypass traditional security measures, including multifactor authentication.

Fraudsters either exploit stolen credentials or gain direct access from complicit employees, making detection far more difficult.

Straub emphasised the growing need for security systems that can quickly adapt to new threats.

“The future of fraud prevention lies in adaptability. While AI provides fraudsters with powerful new tools, it also helps security practitioners harness global intelligence to counter zero-day attacks and automate processes that were once manual,” he explained.

The report, which analysed over 110 million identity verification attempts across Africa, also found that East Africa struggled with identity verification due to inconsistent records.

It noted that document authentication failures were more frequent in this region than anywhere else on the continent.

“East Africa also recorded the highest rejection rate for combined biometric and document verification attempts, reaching 27 per cent in 2024, primarily due to the reliance on outdated, inconsistent, and poor-quality identity documents, which hindered the verification processes,” the report states.

Despite some progress in fraud detection, cybercriminals adapted quickly, shifting their focus to biometric verification systems.

This evolution in attack methods led to significant financial losses across key markets. The report highlighted one of the biggest fraud incidents of the year, revealing that a leading Kenyan lender lost billions to cyber fraud.

“Despite improvements in KYC processes, overall fraud losses escalated in key African markets, including Kenya, where one of the country’s largest lenders lost Sh1.5 billion to fraud, according to reports,” it reads.

Another alarming finding was the timeframe in which fraudulent activities peaked. The report showed that cybercriminals were most active at night, with fraud rates surging between 10 PM and 6 AM East Africa Time (EAT), reaching a high point at 2 AM.

This trend suggests that criminals exploit the late hours when security monitoring is less vigilant.

To combat these threats, financial institutions are increasingly relying on mobile security tools. The report found that Mobile Software Development Kits (SDKs) played the biggest role in detecting fraudulent activities, accounting for 68 per cent of all identified cases.

Other security integrations contributed 32 per cent, underscoring the growing importance of mobile-based verification systems.

While financial institutions continue to face mounting cyber threats, fintech platforms with weak know-your-customer (KYC) protocols remain particularly vulnerable.

Fraudsters exploit these gaps by creating fake accounts to launder money, further complicating fraud prevention efforts. Straub stressed the need for a joint effort to tackle these vulnerabilities.

“Fintech platforms with weak know-your-customer protocols remain the most vulnerable, as these bad actors use identity farming to create fraudulent accounts that conceal the origins of illicit funds. Tackling these vulnerabilities requires collaboration between industries, governments, and technology providers to create a safer digital ecosystem.”

As fraudsters continue to refine their tactics, experts warn that a proactive and collaborative approach is necessary to secure Africa’s digital financial landscape.

The report serves as a call to action, urging financial institutions, regulators, and technology firms to strengthen security measures and protect users from evolving cyber threats.