Back

Kenyan Pharmacist Loses Sh13.9 Million in SIM-Swap Fraud; Arrests Made

Severity: High (Score: 65.2)

Sources: Streamlinefeed.Co.Ke, Allafrica

Published: 2026-06-08 · Updated: 2026-06-08

Keywords: sim-swap, arrested, fraud, sh450, pharmacist, sh13, million

Summary

A pharmacist in Kenya was defrauded of Sh13.9 million through a sophisticated SIM-swap scam. The attack began with a Sh200 transaction that allowed criminals to gather personal details and execute a SIM replacement. This enabled them to access the victim's mobile banking applications and bypass two-factor authentication. The funds were quickly transferred to various mule accounts and cryptocurrency exchanges. Following the incident, the Directorate of Criminal Investigations (DCI) arrested nine suspects linked to the fraud ring. In a separate case, a man was arrested for defrauding another victim of Sh450,500 using a similar method. The incidents highlight vulnerabilities in mobile banking security as Kenya moves towards a cashless economy. Key Points: • A pharmacist lost Sh13.9 million in a SIM-swap fraud executed through social engineering. • Nine suspects have been arrested in connection with the larger fraud ring responsible for the theft. • The incidents reveal significant vulnerabilities in Kenya's mobile banking security systems.

Detailed Analysis

**Impact** Two separate SIM-swap fraud incidents targeted Kenyan individuals, resulting in financial losses of Sh13.9 million and Sh450,500 respectively. Victims include a pharmacist and a woman using Safaricom's Daima service, both losing access to their M-Pesa mobile money accounts. The fraud affected personal finances and business capital, with funds rapidly dispersed through mule accounts and cryptocurrency exchanges, complicating recovery efforts. The incidents occurred within Kenya, impacting the financial and telecommunications sectors. **Technical Details** Attackers used social engineering to initiate a nominal M-Pesa transaction for reconnaissance, followed by SIM replacement via compromised telecommunications protocols, likely involving insider collusion. The SIM swap enabled interception of SMS-based OTPs, bypassing two-factor authentication to access mobile banking applications. Funds were transferred through multiple accounts and virtual wallets to obscure trails. Investigations recovered multiple SIM card holders and mobile devices linked to suspects. No specific malware, CVEs, or infrastructure details were disclosed. **Recommended Response** Telecommunications providers should enhance SIM swap verification processes and monitor for unusual SIM replacement requests, prioritizing detection of insider threats. Financial institutions must transition away from SMS-based OTPs toward hardware security keys or biometric authentication to prevent OTP interception. Deploy monitoring for rapid, high-value transfers and implement transaction anomaly detection. Law enforcement and cybersecurity teams should track mule accounts and virtual wallets associated with these frauds.

Source articles (2)

  • Pharmacist Loses Sh13.9 Million in Sophisticated SIM-Swap Fraud Syndicate — Streamlinefeed.Co.Ke · 2026-06-05
    A meticulously planned SIM-swap scam has drained Sh13.9 million from a pharmacist in minutes. Detectives have arrested nine suspects linked to the fraud ring. A meticulously orchestrated cyber-heist h…
  • Man Arrested Over Sh450,500 SIM-Swap Fraud Targeting M-Pesa Account — Allafrica · 2026-06-08
    Nairobi — A man suspected of defrauding a woman of Sh450,500 through a SIM-swap scheme has been arrested by detectives from the Directorate of Criminal Investigations (DCI), bringing to an end a month…

Timeline

  • 2024-05-24 — Victim's mobile services stopped: A woman in the US discovered her M-Pesa services were inactive after returning to Kenya.
  • 2024-10-15 — Fraudulent withdrawals made: Sh450,500 was withdrawn from the victim's M-Pesa account in two transactions linked to a suspect's mobile number.
  • 2026-06-05 — Pharmacist reports theft: A pharmacist reported losing Sh13.9 million due to a SIM-swap fraud scheme initiated by a small transaction.
  • 2026-06-05 — Nine suspects arrested: The DCI arrested nine individuals believed to be part of the fraud ring responsible for the pharmacist's loss.
  • 2026-06-08 — Suspect arrested for Sh450,500 fraud: Oscar Livondo was arrested for defrauding a woman of Sh450,500 through a SIM-swap scheme.

Related entities

  • Phishing (Attack Type)
  • Kenya (Country)
  • United States (Country)
  • Financial (Industry)
  • Telecommunications (Industry)
  • Daima (Platform)
  • M-Pesa (Platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed