It may sound like something out of science fiction, but there’s a new threat that’s becoming increasingly common in Africa. This is not an ordinary scam; it’s much more sinister than that.
The GhostCall malware Nigeria Kenya has been named so because criminals are employing this malicious software in order to exploit users in Nigeria and Kenya by hacking into their phones and stealing money from their bank accounts via false video calls and other tactics.
Mechanism of the GhostCall Attack
Unlike many other schemes, this is anything but arbitrary.
First Step – Initial Communication
Victims receive messages through channels such as Telegram from individuals claiming to be:
- Investors
- Recruiters
- Business Partners
They frequently employ stolen or cloned profiles.
Second Step – Fake Video Conference
You’re invited to join a “discussion” on seemingly familiar software, such as:
- Zoom
- Microsoft Teams
However, it’s just a replica of that platform.
Some assaults even use recordings or artificial intelligence to create convincing video streams.
Third Step – The Setup (Phishing Update Prompt)
Halfway into the discussion, you’ll get an error message.
You will be asked to:
- Press “update”
- Download something
Instead of an upgrade, you’re unknowingly installing malware.
Fourth Step – Covert Information Extraction
After installation, the malware (such as “SilentSiphon”) can:
- Collect saved passwords
- Access banking applications
- Decrypt crypto wallet codes
- Spy on users’ activities
This means your phone or computer has been compromised.
Reasons for Focusing on Nigeria and Kenya
The choice to target Nigeria and Kenya is no coincidence.
Both countries possess:
- The fast development of fintech technologies
- High adoption of mobile money services
- Digital banking services
These countries are especially vulnerable to cybercriminal attacks.
The country of Nigeria loses annually up to $12 million from various electronic scams, whereas Kenya is increasingly being subjected to mobile fraud.
Steps for Scanning Your Phone Right Away
Take the following actions:
Step 1: Install Secure Software
Download security apps from legitimate websites only (Google Play/App Store).
Step 2: Check for Unknown Software
Uninstall any apps you haven’t installed yourself.
Step 3: Check for Suspicious Permissions
Check whether there are applications with access to:
- Contacts
- Messages
- Storage space on your phone
- Apps responsible for payments
Step 4: Scan for Malware
Use malware scanning software.
You May Also Like
Explore Uganda gorilla tours cost details
Discover complete pricing, tips, and travel insights for planning your 2026 gorilla trekking adventure.
Check Chobe safari costs and pricing
Explore detailed safari expenses and budget tips for visiting Chobe National Park in 2026.
Discover safest cities for Africa travel
Check which African cities offer the safest and most secure experiences for tourists.
Explore romantic budget destinations in Africa
Discover affordable and dreamy African getaways perfect for couples on a budget.
Check if Accra Mall worth visiting
Explore what to expect, shopping highlights, and visitor tips for Accra Mall in 2026.
Protection against Possible Cyberthreats
Never Install Updates from a call
Install software updates from trusted sources only.
Do Not Follow Randomly Sent Meeting Links
If someone sends you a random meeting link, check if it’s authentic first.
Urgency Equals Danger
Scammers always create pressure. Actual companies won’t make you download anything urgently.
Verify Everything
Visit the actual website instead of following the links sent to you.
Conclusion
The case of GhostCall demonstrates the new wave of cybercrime.
These scammers don’t send phishing emails or links any longer but actively use AI, assume another identity, and create a believable setup right then and there.
In the context of digital banking and other payment apps, one should never be too careless.
As the threat demonstrated clearly, one single click could give them access to everything.
