If it feels like the sheer volume of spam calls, suspicious texts, and login alerts has hit a fever pitch recently, the data backs you up. A new report from TransUnion analyzing trends for the second half of 2025 paints a grim picture of the digital security landscape in Kenya: fraudsters are aggressively targeting the account sign-up process, and the gaming sector has become their primary playground.
The H2 2025 Update to the Top Fraud Trends Report, released today, pulls data from billions of transactions across 40,000 websites and apps globally. The headline for Kenyan users? You are significantly more likely to be targeted by fraud than the average global citizen, and the methods being used are becoming increasingly personal.
The “New Account” Vulnerability
The report identifies a specific bottleneck in the digital lifecycle where security is failing: the moment of creation. In the first half of 2025, 4.4 percent of all new online account creation attempts in Kenya were flagged as suspected fraud.
While that percentage might sound small, in the world of high-volume digital transactions, it represents a massive vulnerability gap. This trend tracks with a global issue where account creation is now the highest-risk stage in the consumer lifecycle, with 8.3 percent of worldwide transactions suspected of being fraudulent.
The primary driver here isn’t just brute force; it’s sophistication. Fraudsters are exploiting the gaps in digital onboarding processes using a mix of stolen credentials, social engineering, and increasingly, AI-driven impersonation.
The Global ATO Spike
Once an account is created, keeping it is the next challenge. The report highlights a worrying rise in Account Takeover (ATO) attacks – where a bad actor gains unauthorized access to a legitimate user’s account.
Globally, ATO attempts jumped 21 percent year-over-year between H1 2024 and H1 2025. If you zoom out further, the trend line is even steeper: ATO attacks have risen 141 percent since 2021. This signals a sustained tactical shift where attackers are prioritizing the compromise of existing, trusted accounts rather than just creating fake ones.
Gaming: The New High-Risk Zone
Perhaps the most surprising data point concerns where this fraud is happening. In Kenya, the video gaming sector (which includes online betting and poker platforms) recorded the highest suspected fraud rate of any industry at 10.4 percent.
The volume of suspected fraud attempts in gaming surged by 49 percent compared to the previous year. TransUnion notes that this sector needs to move beyond reactive measures and implement identity, device, and behavioral analytics to stop the bleeding.
However, the data also shows massive variance between sectors. While gaming, government services (7.5 percent fraud rate), and logistics (7.8 percent fraud rate) saw high activity, other sectors saw significant drops in fraud volume.
Suspected Digital Fraud Attempts in Kenya (H1 2024 vs H1 2025):
- Gaming: 10.4% rate (+49% volume)
- Government: 7.5% rate (+44% volume)
- Logistics: 7.8% rate (-35% volume)
- Insurance: 4.8% rate (-39% volume)
- Retail: 3.2% rate (-96% volume)
- Financial Services: 2.2% rate (-56% volume)
- Telecommunications: 0.7% rate (-63% volume)
- Travel & Leisure: 0.1% rate (-87% volume)
- Communities (forums/dating): 2.6% rate (-28% volume)
The Vishing Epidemic
The report also included a consumer survey conducted between February and May 2025, and the disparity between Kenyan respondents and the rest of the world is stark.
While 48 percent of consumers globally reported being targeted by fraud schemes via email, online, phone, or text, that number skyrocketed to 81 percent in Kenya.
The method of choice in Kenya is “vishing” (voice phishing) – fraudulent phone calls designed to trick victims into revealing personal or financial info. It was the most common fraud type, reported by 46 percent of targeted Kenyans.
Top Fraud Vectors in Kenya:
- Vishing: 46%
- Money/Gift Card Scams: 45%
- Phishing: 41%
- Smishing (SMS phishing): 39%
This contrasts with the rest of the African continent, where money or gift card scams were the top reported fraud type in South Africa, Zambia, Rwanda, Namibia, and Botswana.
The Awareness Gap
Despite the high volume of attacks, there is a silver lining regarding awareness, though gaps remain. 19 percent of Kenyans were unaware they had been targeted – a figure that is actually much better than the global average, where 52 percent of consumers were oblivious to attempts made against them.
However, successful attacks are still happening. According to the survey, 10 percent of Kenyans targeted actually fell victim to the fraud. While South Africa reported a slightly higher victim rate at 13 percent, Kenya had the second-highest percentage of respondents in Africa admitting they had been successfully scammed.
The Technical Reality
The report concludes that while Kenya is advancing its defenses – banks and institutions are increasingly adopting AI-powered detection and biometric verification – the threat landscape is evolving just as fast. The shift toward AI-driven impersonation and the massive spike in gaming fraud suggests that static passwords and simple two-factor authentication may no longer be enough.
Amritha Reddy, senior director of fraud product management at TransUnion Africa, noted that businesses need to shift from reactive controls to “layered, proactive controls” including identity intelligence and behavioral analytics.
The data in this report is based on intelligence from TransUnion's fraud prevention solutions and a consumer survey across 18 countries, including specific regional data for Kenya, Botswana, South Africa, Rwanda, Zambia, Namibia, and international markets including the US, UK, and Canada.
