Law enforcement agencies in seven African countries have apprehended 306 suspects and seized 1,842 devices as part of an international operation dubbed Red Card that occurred from November 2024 to February 2025.
The joint operation, as per INTERPOL, aimed to disrupt and dismantle transnational criminal networks responsible for significant harm to individuals and businesses, focusing on targeted scams involving mobile banking, investment, and messaging apps.
The cyber-enabled scams impacted over 5,000 victims, with participating countries including Benin, Côte d’Ivoire, Nigeria, Rwanda, South Africa, Togo, and Zambia.
Neal Jetton, Director of INTERPOL’s Cybercrime Directorate, highlighted the success of Operation Red Card, underscoring the importance of international cooperation in combating cybercrime that transcends borders and inflicts severe consequences on societies.
He added, “The recovery of substantial assets and devices, alongside the arrest of key suspects, sends a strong message to cybercriminals that they will face consequences for their actions.”
Nigerian authorities detained 130 individuals, including 113 foreigners, for their alleged involvement in online casino and investment fraud schemes. Some of the suspects exploited in scam operations were reportedly victims of human trafficking, coerced into carrying out illicit activities.
In a separate operation, South African officials arrested 40 individuals and confiscated more than 1,000 SIM cards utilized in large-scale SMS phishing attacks.
In Zambia, authorities nabbed 14 suspected members of a criminal syndicate involved in hacking victims’ phones to illicitly access their banking applications by deploying malware through SMS phishing links. Group-IB revealed that the malware not only enabled unauthorized access to banking apps but also provided control over messaging apps to propagate the fraudulent links.
Kaspersky, a Russian cybersecurity firm, collaborated with INTERPOL by sharing insights on a malicious Android application targeting users in African nations and details on related infrastructure.
Rwandan officials also apprehended 45 members of a criminal network engaged in social engineering scams that defrauded victims of over $305,000 in 2024, with $103,043 recovered and 292 devices seized.
The scams involved tactics like impersonating telecom employees to extract sensitive information and posing as ailing family members to solicit financial aid from relatives.
Recently, INTERPOL partnered with the African Development Bank Group to enhance efforts in combating corruption, financial crime, cyber-enabled fraud, and money laundering in the region.
In a separate incident, law enforcement in Thailand and Singapore arrested an individual responsible for numerous data breaches worldwide, employing SQL injection tools and Cobalt Strike Beacons to compromise internet-facing Windows servers.
The threat actor targeted databases containing personal data, exfiltrating and in some cases encrypting the information for financial extortion purposes. Various entities across different countries had their data leaked on dark web platforms.
The suspect, operating under different aliases, consistently uploaded stolen data screenshots from the same device, leaving a distinct operational signature.
Additionally, nearly a dozen Chinese nationals were arrested for engaging in tap-to-pay fraud involving the use of stolen credit card information to purchase gift cards and launder illicit funds.
