KAMPALA — As cybercrime continues its steady rise, posing a significant threat to Uganda’s financial sector, police have identified the primary methods criminals are using to steal billions from institutions and their customers.
During a recent presentation in Kampala titled “Cyber Tactics and Threat Actors,” D/SP Bill Ndyamuhaki, a cybercrime investigator with the Criminal Investigations Directorate (CID), outlined the leading avenues of fraud.
“The top cyber fraud vectors of 2025,” Ndyamuhaki said, include:
- Insider threats from current or former employees.
- Identity theft using fraudulent identification to open bank accounts.
- Phishing, or the use of deceptive messages to gain sensitive information.
- Mobile banking fraud facilitated by stolen phones or the disclosure of passcodes.
- Malware, such as ransomware, Trojans, and viruses.
- SIM swap fraud, which involves hijacking phone numbers to bypass two-factor authentication.
- Supply chain attacks that target third-party vendors.
- Data breaches and the unauthorized access of sensitive information.
- Abuse of privileged access.
According to the Uganda Police Annual Crime Report for 2024, cybercriminals stole more than 41 billion shillings, a figure Ndyamuhaki suggested is likely much higher today.
He explained that cybercrime is increasingly organized, with transnational syndicates targeting the financial sector for high-value gains. These criminals operate with a corporate-like structure, featuring a clear division of labor with specialists in reconnaissance, hacking, social engineering, and cashing out.
Fraudsters often target high-value accounts, salary processing periods, and dormant accounts. They also exploit vulnerabilities in mobile apps and devices. Attacks are frequently timed for peak periods, such as weekends and holidays, with criminals operating from different jurisdictions to complicate investigations.
To combat these threats, Ndyamuhaki recommended that financial institutions strengthen their defenses. He urged them to implement security awareness training for employees, flag high-risk accounts for 24/7 monitoring, and adopt biometric verification for customers. He also advised using stronger security measures like multi-factor authentication, conducting regular audits and incident response drills, and maintaining a close relationship with the CID.
Wilbrod Humphreys Owor, the Executive Director of the Uganda Bankers Association, noted that banks and their customers are the most frequent targets. He stressed the importance of having strong security mechanisms to prevent lapses that could erode public trust in financial institutions.
Chad Pollock, the General Manager and Vice President of Visa East Africa, echoed this sentiment. “At Visa, we believe that trust is the foundation of digital commerce,” he said. He added that strengthening cybersecurity is a societal and business imperative and that Visa is committed to working with partners like the Uganda Bankers Association to build resilience and share intelligence against emerging threats.
