Over the past years, organisations have boosted their digital protection budgets and early detection systems making it hard for cyber breaches. ESET cybersecurity engineer Allan Juma during an interview with the Star /JACKTONE LAWI Kenya is losing billions of shillings annually to cybercrime as attackers shift strategy from targeting large organisations to exploiting the mass market through social media, deepfakes and high-reach digital platforms.
Experts say this shift is making cybercrime more widespread, faster and harder to control. Over the past years, organisations have boosted their digital protection budgets and early detection systems making it hard for cyber breaches. Industry experts say the evolution marks a turning point in how cybercriminals operate, moving from technically complex corporate breaches to scalable, consumer-focused scams that prioritise reach and speed over sophistication.
ESET cybersecurity engineer Allan Juma says traditionally, cyber attacks in Kenya largely targeted institutions, banks, telcos and government agencies, through methods such as ransomware and network breaches. “The model has changed, attackers are no longer just going after companies.
They are now targeting the masses because that’s where the money is,” said Juma. ESET in their latest findings for the Kenyan market, show that, while these threats persist, there is now a noticeable pivot towards individuals, enabled by the rapid growth of social media and digital financial services.
“A notable example occurred in 2025 when the social media account of late opposition leader Raila Odinga was compromised and used to promote a fake cryptocurrency scheme,” Juma told the Star in an interview.