A transnational phone scam known as Wangiri is on the rise in Kenya, warns the country’s Directorate of Criminal Investigations (DCI Kenya). Addressing these invisible syndicated scams is a global challenge and Kenya, with its robust telecommunications infrastructure, is a prime target.
Wangiri, a Japanese word meaning ‘one telephone ring and cut,’ sees criminals defrauding unwitting victims when they return a missed international call. The call is charged to the victim at a high cost, with the scammers claiming the fee.
Unlike other scams, such as the business email compromise, Wangiri uses uncomplicated technology and may target anyone with a SIM card connection. The scam exploits people’s innate curiosity to follow up on a missed international call. The country of origin of the call may vary, but could also tally with where the victim has a relative, applied for a job, or visited before.
Once the victim returns the call, the criminals use tactics to keep them on the line for as long as possible to incur higher charges. Some callers are put on hold, spoken to in a foreign language, told they’ve won a lottery or that they are being head-hunted for a job interview.
An engineer working with a telecommunications company in Kenya who requested anonymity explained how the scam works. Although the phone numbers take the prefix of telecommunications companies, almost all are sourced from the deep web, making them difficult to trace.
Once a person calls the number back, money is deducted instantly from their SIM-linked account and routed to the deep web. The scammers then cash out the money using sophisticated and rapidly evolving methods. Kenyan law enforcement agencies are still figuring out these techniques and how to disrupt and prevent the practice – something that is easier said than done.
Of Kenya’s 53-million population, the number of active mobile telephone subscribers as of March 2020 stood at over 55-million. This translates to a SIM card penetration of 116.1% – the highest proportion in East Africa and among the top 10 in Africa according to GSMA Intelligence. Kenya is thus a preferred target for Wangiri scammers.
A DCI Kenya officer who spoke to ENACT said many complaints had been received on the scam via Twitter and Facebook. However, DCI can only investigate these complaints when a case is logged at a police station. Many Kenyans avoid reporting crimes at police stations as this is generally a very lengthy process. This means that DCI cannot respond to the many Wangiri complaints.
Another DCI officer explained there was no specific legal framework for investigating and prosecuting cases of the Wangiri scam. The officer, who has handled other scam cases, said police had to rely on different laws and bodies to investigate these tech-enabled crimes.
The laws currently used are the Kenya Information and Communications Act, 1998 and the Computer Misuse and Cybercrimes Act, 2018. The bodies responsible for telecommunications security are the phone companies such as Safaricom and Airtel and government, with the main task falling on the Communications Authority of Kenya.
Cases forwarded to the respective phone companies and the Communications Authority Incident Response Team took a long time to be investigated and few were resolved, according to the DCI officer. One case was resolved through cooperation between Kenya and Vodafone – a UK-based company. In this instance, the officer said, the process took 30 days and the client was refunded. This is exceptional and far from the experience of most Kenyans.
Tackling this form of transnational syndicated scam is difficult, not only for Kenya but for many countries in Africa and the world. Tracing, investigating and arresting criminals who run these operations virtually, internationally and through the deep web is almost impossible. It is easy for offenders to hide when activities are invisible and run across jurisdictions.
DCI Kenya officers suggested possible measures to disrupt the scammers. First, police systems of reporting and logging cases should be reviewed to encourage victims to report and speed up police responsiveness. This will provide relevant authorities with evidence about the scale and severity of the problem.
Second, civic awareness campaigns and related preventive measures could alert people to the risks. Third, at the strategic level, telecommunications companies and government bodies need to examine the evidence and develop responses that secure clients and citizens, and at the least block numbers reported to them by victims.
Most of these measures are preventive and would take time to produce results. The techniques used by criminals are also evolving, with scammers increasingly sourcing locally based numbers to con Kenyans. Phone companies are overwhelmed with the volume of numbers needing to be blocked from the deep web.
Transnational organised crime expands with development. For a country like Kenya that enjoys a robust telecommunications infrastructure, criminals who operate virtually will see it as a lucrative and easy target. Government and the private sector need to respond with advanced tech capabilities and innovative responses such as crime-proofing SIM number registration.
Written by Mohamed Daghar, Researcher, ENACT project, ISS
This article was first published by the ENACT project. ENACT is funded by the European Union (EU). The contents of this article are the sole responsibility of the author and can under no circumstances be regarded as reflecting the position of the EU.