DCI Reveals How Scammers Use Phishing to Steal Personal Information
The Directorate of Criminal Investigations (DCI) has cautioned Kenyans to be on the lookout for the growing wave of phishing scams that target personal and financial information.
In a public alert shared on X (formerly Twitter) on Tuesday, October 7, 2025, the DCI revealed that cybercriminals are using deceitful online tactics to trick unsuspecting users into revealing confidential data such as ID numbers, passwords and credit card details.
“Crime proceeds are no longer hidden under mattresses. They’re laundered through complex corporate structures, global bank accounts, real estate and cryptocurrency. Our response must evolve just as quickly,” the DCI statement read.
The agency said phishing involves fake emails, links or websites that mimic legitimate institutions to trick users into sharing private details. Fraudsters create urgency or curiosity in their messages using phrases like “Click here to get unlimited talk time” or “Your account will be closed in 24 hours” to lure victims.
Phishing getting more sophisticated
According to the DCI, scammers are using more advanced methods including fake emails and SMS messages that look authentic. Once a victim enters personal information—such as one-time passwords (OTPs) or date of birth—the attacker captures the data for malicious use.
The DCI has advised the public to be cautious and not to click suspicious links, download attachments or open unsolicited messages from unknown senders.
“Do not trust messages asking for personal or financial details. Always verify with the institution before responding,” the agency said.
Weak passwords fueling cybercrime
Earlier on October 2, 2025, the DCI had raised alarm over the rising number of cyber attacks in the country, attributing many of them to weak passwords and poor cybersecurity habits. The agency recommended that Kenyans adopt stronger password practices—such as creating passwords up to 64 characters long and using spaces—to reduce their vulnerability.
The statement noted that weak password habits, rapidly evolving hacking techniques and institutional oversights have made users an easy target for cybercriminals.
As phishing and cyber attacks continue to rise locally and globally, the DCI has vowed to track down digital fraudsters and urged Kenyans to stay informed, secure their accounts and be safe online.
Also Read: *Pastor Ng’ang’a in Hot Soup After ‘Assault Confession’ Video Goes Viral
DCI Reveals How Scammers Use Phishing to Steal Personal Information
![TSC Bans 21 Degree Programs from Teaching Eligibility, PGDE Not a Remedy [List]](https://flashnews.co.ke/wp-content/uploads/2025/05/Marketable-Courses-for-D-D-and-D-Students-in-Kenya-8-100x70.jpg "TSC Bans 21 Degree Programs from Teaching Eligibility, PGDE Not a Remedy [List]")