Banking scams are an ever-present threat, with fraudsters continually devising new methods to steal money and personal information. A Visa “Stay Secure” study released in March 2025 revealed that 71% of Kenyan consumers had encountered digital fraud attempts, the highest rate in Sub-Saharan Africa. These scams range from phishing and identity theft to sophisticated account takeovers, posing significant risks to individuals and businesses alike.
According to TransUnion’s analysis for the first half of 2024, 4.6% of all digital transactions originating from Kenya were flagged as suspicious. Specifically, 4.8% of digital banking login attempts and account opening attempts were identified as potentially fraudulent. Retail and financial services were among the most targeted sectors. A 2021 FinAccess survey highlighted the growing concern, noting that 47.4% of mobile money users reported losing funds to fraud or errors, a drastic rise from 8.4% in 2019.
Below is an overview of common banking scams in Kenya and practical tips to avoid them.
Common Banking Scams in Kenya
1. Phishing Emails and Text Messages (Smishing)
Fraudsters send fake emails or text messages that appear to be from legitimate banks, warning of security breaches or account issues. These messages contain links to counterfeit websites designed to capture login credentials.
How to Avoid: Never click on links in unsolicited messages. Always access your bank account through its official website or app. If you receive a suspicious message, contact your bank directly using its official customer service number.
2. Fake Banking Apps and Websites
Cybercriminals create counterfeit banking apps or clone legitimate banking websites to steal sensitive data or install malware on users’ devices.
How to Avoid: Download banking apps only from trusted sources such as the Google Play Store or Apple App Store. Always check for “https” in the URL and confirm the bank’s official domain before entering login credentials.
3. ATM Skimming
Fraudsters install skimming devices on ATMs to capture card details and PINs. Some advanced skimmers are difficult to detect, as they are embedded inside the machine.
How to Avoid: Use ATMs in secure, well-lit locations, preferably inside bank branches. Inspect the card reader for loose parts and cover the keypad while entering your PIN.
4. Impersonation Scams
Scammers call or text, pretending to be bank representatives. They claim there is suspicious activity on your account and request sensitive information such as passwords or one-time passcodes.
How to Avoid: Banks never ask for full passwords, PINs, or one-time passcodes over the phone. If you receive such a call, hang up and contact your bank using an official number.
Read: NCBA Will Support SACCOs in Cybersecurity Efforts – John Gachora
5. Peer-to-Peer Payment Scams
Scammers trick victims into sending money via platforms like M-Pesa, PayPal, or other mobile wallets under false pretenses, such as claiming to have sent money by mistake or offering fake prizes.
How to Avoid: Only send money to trusted individuals. Double-check all transactions and avoid sending funds to strangers based on urgent requests.
6. Fake Check Scams
Scammers send fraudulent checks as payment for goods or services and request a portion of the money to be sent back before the check bounces.
How to Avoid: Never accept or deposit checks from unknown sources. Wait for a check to fully clear before using or forwarding funds.
Read: How to Choose the Right Bank for Your Business in Kenya
7. Account Takeover Fraud
Hackers gain access to bank accounts using stolen credentials, change contact details, and transfer funds before the account holder notices.
How to Avoid: Use strong passwords and enable two-factor authentication (2FA). Regularly monitor your account for any unusual activity and report suspicious transactions immediately.
Jefferson Wachira is a writer at Africa Digest News, specializing in banking and finance trends, and their impact on African economies.