Deepfake Scams, AI Malware Raise Cyber Risks In Kenya
Kenya continues to face growing exposure to sophisticated cyber threats, with deepfake-enabled investment scams and AI-assisted malware emerging as some of the most pressing risks, according to ESET’s latest Threat Report.
The ESET Threat Report for the second half of 2025 (H2 2025), which covers the period from June to November 2025, highlights how rapid advances in artificial intelligence are reshaping the cybercrime landscape globally, with direct implications for organisations and individuals in Kenya.
Speaking during regional briefings, ESET experts noted that socially engineered fraud remains the most significant cyber risk in the country. Investment scams, in particular, are increasingly being amplified through deepfake videos, impersonation, and AI-generated content designed to appear highly convincing across social media and online advertising platforms.
ESET Research observed a continued rise in HTML-based scam campaigns, including the Nomani investment scam, which recorded a 62% year-on-year increase globally. These campaigns now frequently rely on high-quality deepfake videos, AI-generated phishing websites, and short-lived advertising campaigns that disappear quickly to evade detection.
Allan Juma, Lead Cyber Security Engineer at ESET, said the region has experienced a notable surge in deepfake impersonation attacks.
“A recent high-profile case involving a deepfake video impersonating a prominent Kenyan political figure to promote a fraudulent investment scheme shows how quickly these scams can spread across social media and even mainstream media. It demonstrates how realistic deepfakes significantly accelerate both the reach and the impact of fraud,” Juma said.
Mobile-related threats are also evolving rapidly. ESET reported that near-field communication (NFC) threats grew by 87% globally in H2 2025, becoming more advanced and diverse. NGate, one of the earliest known NFC-based threats first identified by ESET, was upgraded with contact-stealing capabilities, potentially paving the way for more complex attacks.
ESET also uncovered RatOn, a new malware strain combining remote access trojan (RAT) functionality with NFC relay attacks. RatOn was distributed through fake Google Play pages and advertisements masquerading as an adult version of TikTok and a digital banking identity service, underscoring how cybercriminals continue to exploit trusted platforms and brands.
Global threat developments are further shaping the risk environment for Kenyan organisations. In H2 2025, ESET discovered PromptLock, the first known AI-driven ransomware capable of dynamically generating malicious scripts during execution. While AI-powered malware remains relatively rare, researchers warn that artificial intelligence is increasingly being used to enhance phishing campaigns, scams, and impersonation tactics, all of which underpin many fraud schemes targeting Kenya.
Ransomware activity continues to rise worldwide, with ESET projecting a 40% year-on-year increase in publicly reported ransomware victims compared with 2024. Ransomware-as-a-service groups such as Akira and Qilin now dominate the global landscape, while newer entrants like Warlock are introducing advanced evasion techniques. The growing use of EDR (endpoint detection and response) killers highlights the ongoing efforts by ransomware operators to bypass enterprise security controls.
However, Juma noted that the true scale of ransomware in Kenya is difficult to assess.
“Many ransomware incidents in Kenya are handled quietly, with limited public disclosure. This under-reporting reduces visibility and makes it challenging to fully understand the extent of ransomware activity in the country,” he said.
Kenya is also playing an active role in combating cyber-enabled crime. The country participated in Operation Sentinel, a joint law enforcement initiative coordinated by INTERPOL and AFRIPOL, which led to 574 arrests and the recovery of approximately USD 3 million linked to cybercrime across participating countries.
ESET’s findings underscore the growing need for Kenyan organisations to strengthen cyber awareness, invest in advanced security controls, and remain vigilant as AI-driven threats continue to evolve at speed.