A multi-agency team investigating cyber fraud has uncovered a sophisticated scheme in which cybercriminals target retired civil servants by impersonating bank customer care representatives. These fraudsters employ advanced tactics such as spoofing bank telephone numbers and colluding with insiders to siphon funds from unsuspecting victims.
According to security agencies, the criminals spoof banks’ customer care numbers or use near-identical numbers that differ by just one digit, making it easy to convince retirees that they are speaking to legitimate bank representatives. Once trust is established, the fraudsters execute their plan with alarming precision.
Investigators have revealed that bank insiders play a crucial role in this scam. These insiders notify the criminals when a retiree receives a pension or any other substantial deposit in their bank account. The criminals then initiate a small transfer typically between Ksh. 100,000 and Ksh. 150,000 to an Airtel number linked to their fraudulent operation. This small transfer serves as a test run before the main attack begins.
The fraudsters then call the victim, using a spoofed number, and introduce themselves as bank customer care representatives. They inform the retiree that suspicious activity has been detected in their account and offer to help secure their funds before all their money is withdrawn. By creating a sense of urgency and fear, they manipulate the victims into cooperating without questioning the authenticity of the call.
Once the victim is convinced, the criminals instruct them to use their bank’s USSD code and transfer funds in batches via Pesalink to various bank accounts dictated by the fraudsters. By the time the victim realizes they have been duped, all their funds have been transferred to other banks beyond their control.
The consequences are devastating, as the retirees often find themselves penniless. When they reach out to their banks’ actual customer care, they discover that they were deceived. Unfortunately, banks do not compensate customers for losses that occur due to their own actions, leaving the victims with no financial recourse.
Security agencies have urged retirees to be cautious and verify any suspicious calls by contacting their banks directly using officially provided numbers. Financial institutions are also being called upon to enhance security measures to prevent insider collusion and unauthorized access to customer information.