Kenya is facing a new wave of cyber threats powered by artificial intelligence, with deepfake scams and AI-generated malware emerging as some of the most serious risks to businesses and everyday users.
That’s according to the latest ESET H2 2025 Threat Report, which analysed cyber threat data from June to November 2025. The report highlights that Kenyan organisations and internet users remain highly exposed to socially engineered fraud, especially investment scams amplified through deepfake videos, impersonation, and AI-built phishing infrastructure.
ESET researchers say scammers are now using high-quality deepfake videos and fake websites generated by AI to run sophisticated investment fraud campaigns. One global scam tracked by ESET, known as the Nomani investment scam, grew by 62% year-on-year, and similar techniques are now being seen in Kenya.
“A recent incident where a deepfake video impersonated a prominent Kenyan political figure to promote a fraudulent investment scheme shows just how fast these scams can spread,” said Allan Juma, Lead Cyber Security Engineer at ESET. “These videos look real, sound real, and make scams far more convincing than before.”
Beyond deepfakes, ESET also flagged the rise of NFC-based mobile fraud, where attackers use malicious apps to steal card data or relay payments without a user’s knowledge.
New malware like NGate and RatOn combined classic remote-access trojan features with NFC relay attacks, allowing criminals to control devices and intercept payments.
ESET also discovered the first known AI-driven ransomware, named PromptLock, which can dynamically generate malicious scripts while running.
Even when AI isn’t fully automated, it’s already being used to write phishing messages, generate fake websites, clone voices and faces for impersonation and improve scam targeting.
Globally, ESET projects a 40% increase in publicly reported ransomware victims compared to 2024. But in Kenya, experts warn the real number is probably much higher.
“Many ransomware incidents in Kenya are handled quietly,” Juma said. “That limits public visibility into the true scale of the problem.”
Organisations often avoid disclosure due to reputational risk, regulatory uncertainty, or fear of panic.
Law Enforcement Is Fighting Back
Kenya has also been part of international efforts to counter cybercrime. Through Operation Sentinel, coordinated by INTERPOL and AFRIPOL, authorities across participating countries made 574 arrests and recovered around USD 3 million linked to cyber-enabled crimes.


