INTERPOL has coordinated a major cybercrime crackdown across 19 African countries, leading to the arrest of 574 suspects and the recovery of about $3 million (Sh386 million) during a month-long operation known as Operation Sentinel.
The operation, which ran from October 27 to November 27, targeted three of the most prevalent cybercrime threats on the continent: business email compromise (BEC), digital extortion and ransomware.
These crimes were identified as rapidly growing risks in INTERPOL’s 2025 Africa Cyber Threat Assessment Report.
According to INTERPOL, investigators across participating countries took down more than 6,000 malicious online links and successfully decrypted six distinct ransomware variants during the operation.
The cases handled over the one-month period were linked to estimated financial losses exceeding $21 million, underlining the scale of cyber-enabled crime facing African economies.
Several high-impact interventions highlighted the importance of speed and cross-border cooperation.
In Senegal, authorities moved swiftly after a major petroleum company detected a sophisticated BEC scheme. Fraudsters had infiltrated the company’s internal email systems and impersonated senior executives to authorize a fraudulent wire transfer worth $7.9 million (Sh1.01 billion).
By urgently freezing the destination accounts, Senegalese investigators were able to stop the transfer before any funds were withdrawn.
Ghana also featured prominently in the operation. A financial institution in the country suffered a ransomware attack that encrypted around 100 terabytes of data and resulted in the theft of approximately $120,000 (Sh15.5 million), disrupting critical services.
Ghanaian authorities carried out advanced malware analysis to identify the ransomware strain and develop a decryption tool, allowing them to recover nearly 30 terabytes of data. INTERPOL said multiple suspects have been arrested in connection with the attack.
In a separate investigation, Ghanaian law enforcement dismantled a cyber-fraud network operating across Ghana and Nigeria that defrauded more than 200 victims of over $400,000 (Sh51.6 million).
The suspects used professionally designed websites and mobile applications to mimic well-known fast-food brands, collecting online payments for orders that were never delivered. Ten suspects were arrested in Ghana, more than 100 digital devices were seized, and 30 fraudulent servers were taken offline.
Elsewhere, authorities in Benin shut down 43 malicious domains and more than 4,300 social media accounts linked to extortion schemes and scams, leading to 106 arrests. In Cameroon, police issued an emergency bank freeze within hours after tracing a phishing campaign linked to an online vehicle sales scam to a compromised server.
“The scale and sophistication of cyberattacks across Africa are accelerating, especially against critical sectors like finance and energy. The outcomes from Operation Sentinel reflect the commitment of African law enforcement agencies, working in close coordination with international partners,” said INTERPOL’s Director of Cybercrime Neal Jetton.
INTERPOL said the operation was supported by private sector partners including Team Cymru, The Shadowserver Foundation, Trend Micro, TRM Labs and Uppsala Security, which provided technical expertise to trace malicious infrastructure and help freeze illicit financial assets.
