Phishing continues to dominate as Africa’s foremost cyber threat, according to ESET’s latest bi-annual Threat Report.
Data and expert analysis from November 2024 to May 2025 reveal that phishing attacks account for a staggering 31% of cyber incidents across the continent—exceeding the global average of 28%.
Africa’s rapidly expanding digital landscape has sadly become fertile hunting grounds for cybercriminals, who reel in their catch of the day with cunning phishing schemes.
“This surge in phishing attacks reflects the growing pains of Africa’s rapid digital transformation,” says Allan Juma, Cyber Security Engineer at ESET East Africa. “People and businesses are moving online faster than security measures can keep up, creating gaps that cybercriminals are quick to exploit. It’s a perfect storm of opportunity and vulnerability.”
Cyber adversaries are increasingly honing in on Africa’s digital blind spots, deploying ever more sophisticated scams that target credentials, personal data, and financial access points.
They capitalize on the explosive growth of digital banking and mobile money platforms like M-Pesa, EcoBank, and GTBank. One of the most insidious and fast-growing threats is SMS phishing—or “smishing”—where fraudulent text messages impersonate trusted providers to pilfer PINs or authorize unauthorized transactions.
Beyond the immediate financial fallout, this phishing tsunami exposes deeper systemic issues. “Cybercriminals are exploiting not only technical weaknesses but also gaps in user awareness,” Juma explains. “These scams are masterclasses in manipulation, preying on trust, urgency, and misinformation with alarming success. To tackle this evolving threat, we need a united effort to educate users and strengthen digital defenses across the continent.”
Emerging global threat trends
The ESET Threat Report also shines a light on the meteoric rise of ClickFix, a once-obscure cyberattack method that has ascended rapidly to become one of the most prevalent global threats. “Between late 2024 and early 2025, ClickFix detections surged by 517%, making it the second most common attack vector after phishing. It now accounts for nearly 8% of all blocked attacks and is among the fastest-growing threats we’ve ever encountered,” notes Juma.
ClickFix tricks users into executing malicious PowerShell commands—a legitimate Windows tool used to automate tasks—by presenting fake error messages or CAPTCHA prompts.
Victims are prompted to ‘fix’ the issue by pasting a supplied script into PowerShell or a terminal, unknowingly unleashing a dangerous arsenal, including infostealers, ransomware, and remote access trojans. While ClickFix is globally responsible for 7.7% of cyberattacks, its footprint in Africa currently stands at 6.8%.
“In some African regions, activity linked to ClickFix is now matching or even exceeding the global average,” says Juma. “It’s quietly but rapidly spreading across the continent. Fueled by fast-paced digital adoption and limited public awareness, this emerging threat could soon become one of Africa’s most disruptive cyber forces if left unchecked. We need to foster a culture where digital vigilance is instinctive, empowering people to detect threats early and prevent cyber damage before it happens.”
Why is phishing becoming a pain in the neck for Africa?
Phishing remains one of Africa’s most persistent and difficult cyber threats to combat, with real-world consequences that ripple across economies, government agencies, and millions of digitally connected citizens. A complex blend of technological, social, and economic factors has made the problem uniquely stubborn on the continent—experts and recent reports point to several key reasons.
Chronic skills, resource gaps
A 2025 survey by KnowBe4 highlights that “Africa is underprepared to combat phishing attacks,” noting that training and digital literacy remain “critically low.”
Anna Collard, senior vice president at KnowBe4 Africa warns: “The majority of cybersecurity incidents go unreported or unresolved, meaning that cyber threats in Africa are likely much worse than recognized”.
Up to 90% of African countries report a major shortage of qualified cybersecurity professionals—a figure confirmed by INTERPOL, which stresses that “law enforcement’s ability to tackle these threats remains limited”.
Rapid digital growth outpaces security
The continent’s explosive adoption of digital services, particularly in banking, mobile money, and cloud computing, has not been matched by investment in cybersecurity.
The Kaspersky Africa Cyberthreat Landscape Report notes a “growing sophistication among attackers, who are increasingly trying to exploit unpatched systems, insider vulnerabilities, and the proliferation of remote work infrastructure across African organizations”. This means the “attack surface”—all the potential points for a digital attack—expands faster than defenses.
Localized attacks via AI
Modern phishing in Africa leverages social engineering, artificial intelligence, and locally relevant tricks. INTERPOL’s 2025 Africa Cyberthreat Assessment Report warns that “phishing tactics have become increasingly tailored, localized, and technologically sophisticated, evolving beyond traditional mass email scams.”
Tactics now include SMS (“smishing”), voice-based scams (“vishing”), and faked social media job offers, often exploiting “emotional triggers and local languages.”
Criminals deploy AI to generate “highly targeted and extremely convincing” messages that are hard for average users to distinguish from legitimate information.
Weak law enforcement
A lack of robust legal frameworks, underreporting of incidents, and weak prosecution further hobble progress. INTERPOL’s Cybercrime Director Neal Jetton states that “no single agency or country can face these challenges alone,” underscoring the scale and transnational nature of phishing syndicates. Even high-level law enforcement initiatives have yet to close the resource gap.
An ethical hacker interviewed by Ecofin Agency explains: “Africa combines structural weaknesses that facilitate attacks with specific strengths that could lead to homegrown cyber resilience. Infrastructures are often heterogeneous and poorly configured. There is also a marked shortage of cybersecurity skills.”
Digital communication relies heavily on unsecured channels like SMS and WhatsApp, making them ideal entry points for phishing and automated social engineering attacks.
Tony Anscombe, Chief Security Evangelist at ESET, summarizes: “Cybercriminals know that African businesses, governments, and individuals store a significant amount of their information online, which means ample opportunity for attacks”.
With scam notifications and phishing attacks rising as much as 3,000% in some countries over the past year, African leaders and security experts argue that only continent-wide collaboration, education, and investment in homegrown cybersecurity solutions can hope to turn the tide.
