Authorities across seven African countries have arrested 306 suspects and seized 1,842 devices in a major international operation aimed at disrupting cybercrime networks and cyber-enabled scams.
The operation, known as Operation Red Card, took place between November 2024 and February 2025 and targeted cross-border criminal syndicates. In particular, the operation focused on scams related to mobile banking, investment fraud, and fraudulent messaging apps, affecting more than 5,000 victims.
In Nigeria, the largest number of arrests were made, with 130 individuals taken into custody, including 113 foreign nationals. The suspects are alleged to have been involved in various forms of cyber fraud, including online casino and investment scams. The recruitment of foreign nationals allowed the scams to be operated in multiple languages, broadening their reach.
Some of those arrested were reportedly victims of human trafficking, coerced or forced into participating in the criminal schemes. Nigerian authorities also made seized 26 vehicles, 16 houses, 39 plots of land, and 685 devices.
In South Africa, 40 individuals were arrested in connection with a complex SIM box fraud scheme, which reroutes international calls to appear as local ones. This fraudulent system is commonly used by criminals to conduct large-scale SMS phishing attacks, or “smishing,” targeting individuals and businesses to steal sensitive data.
Authorities in South Africa seized over 1,000 SIM cards, along with 53 desktops and computer towers linked to the fraud operation.
In Zambia, police arrested 14 individuals suspected of being part of a criminal syndicate that engaged in hacking victims' phones. The group was found to be sending fraudulent messages containing malicious links. When recipients clicked on the links, malware was installed on their devices, enabling the criminals to gain access to the victim’s banking apps. The hackers also used victims’ messaging apps to share the malicious links within their contacts and group chats.
Authorities in Rwanda arrested 45 individuals involved in social engineering scams that defrauded victims of more than $305,000 in 2024. The criminals used various methods to manipulate victims, including posing as telecommunications employees and claiming fake ‘jackpot’ wins to steal banking details. Another common tactic involved impersonating an injured family member to request financial assistance for hospital bills.
During the investigation, Rwandan authorities recovered $103,043 and seized 292 devices linked to the scams.
