Diana Kinyanjui 
Phishing remains Africa’s top cyber threat, according to ESET’s latest bi-annual Threat Report. Data and expert insight collected between November 2024 and May 2025 reveal that phishing accounts for 31% of cyber incidents across the continent – surpassing the global average of 28%. Africa’s digital waters continue to be prime hunting grounds for cybercriminals, with phishing bringing in the catch of the day.
“This surge in phishing attacks reflects the growing pains of Africa’s rapid digital transformation,” says Allan Juma, Cyber Security Engineer at ESET East Africa. “People and businesses are moving online faster than security measures can keep up, creating gaps that cybercriminals are quick to exploit. It’s a perfect storm of opportunity and vulnerability.”
To capitalize, attackers are increasingly targeting the continent’s digital blind spots with more sophisticated scams, zeroing in on credentials, personal data, and financial access points – leveraging the rapid growth of digital banking and mobile money platforms like M-Pesa, EcoBank, and GTBank. One of the fastest-growing threats is SMS phishing, where fake text messages impersonate trusted providers to steal PINs or authorize fraudulent transactions.
Beyond the immediate financial impact, the growing threat of phishing reveals deeper systemic challenges. “Cybercriminals are exploiting not only technical weaknesses but also gaps in user awareness,” says Juma. “These scams are masterclasses in manipulation, preying on trust, urgency, and misinformation with alarming success. To tackle this evolving threat, we need a united effort to educate users and strengthen digital defenses across the continent.”
Global data – emerging trends
The ESET Threat Report also highlights the meteoric rise of ClickFix, a once-obscure technique that has quickly evolved into a major global cyber threat. “Between late 2024 and early 2025, ClickFix detections surged by 517%, making it the second most prevalent attack vector after phishing. It now accounts for nearly 8% of all blocked attacks and is one of the fastest-growing threats we’ve ever seen,” says Juma.
ClickFix deceives users into executing malicious PowerShell commands – a legitimate tool used to manage and automate tasks on a computer through typed instructions. The scam presents fake error messages or CAPTCHA prompts on the victim’s device, urging them to ‘fix’ the issue by pasting a provided script into PowerShell or a terminal. Once activated, it unleashes a dangerous arsenal of threats, from infostealers and ransomware to remote access trojans. While the threat is gaining ground globally, accounting for 7.7% of cyberattacks worldwide, its footprint in Africa remains smaller, with detections at 6.8% across the continent.
In some parts of Africa, activity linked to ClickFix is now on par with or even surpassing the global average. “It’s quietly but quickly spreading across the continent,” says Juma. “Fueled by fast-paced digital adoption and limited public awareness, this emerging threat could soon become one of the most disruptive forces in Africa’s cyber landscape if left unchecked. We need to build a culture where digital vigilance is instinctive, empowering people to spot threats early and prevent cyber damage before it happens.”
The ESET Threat Report is released twice a year and includes data from across the globe – as well as expert insight on key trends. To access the full report, click here.
SALM TEAM 
