African law enforcement agencies are making significant strides in their battle against cybercrime syndicates attempting to infiltrate various nations on the continent.
In December and January, officers from 16 African countries collaborated with Interpol and private companies to dismantle major cybercriminal operations. These included investment fraud rings in Nigeria and Kenya, a mobile loan fraud operation in Côte d'Ivoire, and a syndicate in Nigeria that had compromised the internal systems of a prominent telecommunications provider. According to a February 18 announcement from Interpol, this operation, known as Red Card 2.0, resulted in 651 arrests and the recovery of over $4.3 million.
The international coalition worked closely with local law enforcement, providing essential resources, actionable intelligence, and training. Enrique Hernandez Gonzalez, assistant director of cybercrime operations at Interpol, emphasized the importance of this collaboration.
"Operation Red Card 2.0 served as a deterrent, sending a clear message to both active and potential offenders that such criminal activities will not be tolerated," he stated. "Recent operations indicate strong engagement from African member countries, with increasing results reflecting a commitment to tackling this threat."
This latest operation follows several other law enforcement initiatives, such as Operation Serengeti, Operation Sentinel, and the original Operation Red Card.
Cybercrime has become a growing concern in Africa, attracting Southeast Asian cybercrime syndicates looking to expand their reach. Both international and local criminals are increasingly leveraging AI services and large language models to enhance their attacks. For instance, AI-generated phishing attacks can achieve a 54% click-through rate, representing a 4.5-fold improvement over earlier campaigns.
Public-Private Partnerships
To effectively address the surge in cybercrime, African law enforcement agencies are collaborating more closely, harmonizing legal frameworks, and standardizing essential equipment and investigative methods through National Liaison Offices (NLOs).
Additionally, Interpol has partnered with local law enforcement and private companies to provide threat intelligence, analyze malware and threat campaigns, and identify the infrastructure utilized by cybercriminals. Trend Micro contributed threat intelligence to Interpol and local law enforcement during Operation Red Card 2.0, including analyses of loan app scams employed by criminals.
Another partner, threat-intelligence provider Team Cymru, utilized network telemetry and various datasets to trace the infrastructure and activities associated with crypto-related scams and financial fraud. These cybercriminal operations have reportedly siphoned off over $45 million from consumers and businesses, according to Jacomo Piccolini, community manager at Team Cymru.
Team Cymru's research confirmed a trend noted by the broader security community: cyber-enabled fraud in Africa is becoming increasingly organized, scalable, and transnational. Piccolini pointed out, "What stands out is how effectively criminal networks exploit the rapid growth of mobile financial services and digital connectivity across African markets. This is not opportunistic crime; it is structured, and the infrastructure supporting it easily crosses borders."
For Community and Country
Many local law enforcement groups still lack the necessary resources to support investigations and turn intelligence into actionable insight, according to Joshua Paul Ignacio, a senior threat researcher at Trend Micro. He emphasized the importance of educating users about cyber-fraud and common cybercriminal tactics.
"Governments should prioritize raising awareness about safe internet practices and the common tactics used by cybercriminals," Ignacio stated. "As the number of internet users in the region continues to rise, educating the public on how to navigate the internet safely is essential."
Hernandez from Interpol also underscored the need for collaboration that extends beyond law enforcement. Interpol is working on "active cyber offender prevention," aiming to divert individuals with cybersecurity skills from criminal activities to positive contributions in their communities.
"Cybercrime cannot be mitigated by involving only law enforcement agencies; it requires support from all stakeholders in the cyber-ecosystem to work together and make Africa a safer region," he remarked.
Operation Red Card 2.0 highlights the critical importance of the intelligence-sharing pipeline between the private sector and law enforcement. When done effectively, intelligence sharing can yield significant benefits. However, Piccolini noted that private companies and government agencies often hesitate to share information.
"Cybercrime moves faster than any single organization can track on its own," he explained. "Formalizing channels for private sector threat intelligence to reach law enforcement, as was achieved in this case, should be institutionalized rather than treated as a case-by-case arrangement."
