The Africa cybercrime operation resulted in 651 arrests across 16 nations. Operation Red Card 2.0 ran from December 2025 through January 2026, targeting high-yield investment scams, mobile money fraud, and fraudulent loan applications. Consequently, authorities recovered USD 4.3 million and exposed over USD 45 million in financial losses. Moreover, investigators identified 1,247 victims predominantly from the African continent. Therefore, this coordinated effort demonstrates the power of international collaboration. Indeed, the scale of disruption signals strong commitment to combating transnational cybercrime.

INTERPOL supported the Africa cybercrime operation through critical intelligence sharing and real-time information exchange. Specifically, the organization provided capacity-building activities including training on digital forensic tools. Moreover, partnerships with Cybercrime Atlas, Team Cymru, Trend Micro, TRM Labs, and Uppsala Security enhanced operational effectiveness. Therefore, participating countries received critical intelligence to guide enforcement actions. Additionally, this collaborative model strengthens regional cybercrime response capabilities. Indeed, coordinated efforts prove essential against sophisticated criminal networks.

The eight-week investigation revealed diverse scam models targeting vulnerable populations. Consequently, authorities seized 2,341 devices and took down 1,442 malicious IPs, domains, and servers. Moreover, the operation disrupted infrastructure supporting fraudulent activities across multiple countries. Therefore, criminals faced significant operational setbacks. Additionally, victim protection remained a central priority throughout enforcement activities. Indeed, the Africa cybercrime operation balanced disruption with prevention efforts.

Nigerian police dismantled a high-yield investment fraud ring recruiting young individuals for cyber-enabled crimes. Specifically, the syndicate used phishing, identity theft, social engineering, and fake digital asset investment schemes. Moreover, investigators took down over 1,000 fraudulent social media accounts. Consequently, authorities uncovered a residential property constructed by the ringleader to serve as the operational hub. Therefore, this case illustrates the organized nature of modern cybercrime. Indeed, the Africa cybercrime operation exposed sophisticated criminal infrastructure.

In a separate major success, Nigerian authorities arrested six members of a cybercrime syndicate that infiltrated a major telecommunications provider’s internal platform. Specifically, criminals used compromised staff login credentials to access systems. Moreover, the scheme involved siphoning significant volumes of airtime and data for illegal resale. Consequently, investigators disrupted operations causing substantial financial damage. Therefore, this case highlights insider threat vulnerabilities. Indeed, the Africa cybercrime operation addressed multiple attack vectors simultaneously.

Kenyan authorities made 27 arrests linked to fraud schemes using messaging apps and social media. Specifically, scammers used fictitious testimonials to lure victims into fake investments in reputable global corporations. Moreover, criminals solicited small initial investments as low as USD 50 with claims of lucrative returns. Consequently, victims received fabricated account statements or dashboards while withdrawal requests were systematically blocked. Therefore, these schemes exploited trust in established brands. Indeed, the Africa cybercrime operation revealed psychological manipulation tactics.

Côte d’Ivoire law enforcement made 58 arrests and seized 240 mobile phones, 25 laptops, and over 300 SIM cards in a targeted operation against mobile loan fraud. Specifically, these scams predominantly targeted vulnerable populations through deceptive mobile applications and messaging services. Moreover, criminals attracted victims with promises of quick, unsecured loans before imposing fees and enforcing abusive debt-collection practices. Consequently, scammers illicitly harvested sensitive personal and financial data. Therefore, this case demonstrates exploitation of financial inclusion gaps. Indeed, the Africa cybercrime operation protected marginalized communities from predatory schemes.

Neal Jetton, INTERPOL’s Director of the Cybercrime Directorate, emphasized the devastating impact of organized cybercriminal syndicates. Specifically, he noted these groups inflict financial and psychological harm on individuals, businesses, and entire communities through false promises. Moreover, Jetton highlighted the importance of collaboration when combatting transnational cybercrime. Consequently, he encouraged all victims to reach out to law enforcement for help. Therefore, public awareness remains crucial for prevention and reporting. Indeed, the Africa cybercrime operation demonstrates that collective action produces results.

The operation was conducted under the African Joint Operation against Cybercrime (AFJOC), an initiative funded by the UK’s Foreign, Commonwealth and Development Office. Specifically, this framework enables coordinated enforcement across multiple jurisdictions. Moreover, the Global Action on Cybercrime Enhanced (GLACY-e) project, a joint initiative of the European Union and the Council of Europe, provided operation-specific support. Therefore, international partnerships strengthen regional capacity. Additionally, sustained funding ensures long-term effectiveness. Indeed, the Africa cybercrime operation benefited from robust institutional support.

Participating countries included Angola, Benin, Cameroon, Côte d’Ivoire, Chad, Gabon, Gambia, Ghana, Kenya, Namibia, Nigeria, Rwanda, Senegal, Uganda, Zambia, and Zimbabwe. Consequently, geographic diversity enhanced intelligence gathering and enforcement reach. Moreover, regional cooperation facilitates information sharing beyond individual operations. Therefore, relationships built during this effort support future collaboration. Additionally, capacity development creates lasting institutional improvements. Indeed, the Africa cybercrime operation established foundations for ongoing cooperation.

Financial losses exposed during the investigation totaled over USD 45 million, far exceeding the USD 4.3 million recovered. Specifically, this gap illustrates challenges in asset tracing and restitution. Moreover, many victims face permanent financial harm despite successful enforcement. Consequently, prevention and public education remain critical priorities. Therefore, authorities emphasize proactive measures alongside reactive enforcement. Indeed, the Africa cybercrime operation highlights the need for comprehensive strategies.

Digital infrastructure disruption through the takedown of 1,442 malicious IPs, domains, and servers significantly degraded criminal operational capacity. Specifically, removing these resources forces syndicates to rebuild infrastructure at considerable cost. Moreover, coordinated takedowns prevent rapid migration to alternative platforms. Consequently, sustained disruption affects criminal profitability. Therefore, technical interventions complement traditional law enforcement methods. Indeed, the Africa cybercrime operation demonstrated multi-layered enforcement effectiveness.

Looking ahead, continued collaboration remains essential as cybercriminal tactics evolve. Consequently, law enforcement agencies must maintain adaptive strategies and technological capabilities. Moreover, public-private partnerships enhance threat intelligence and response coordination. Therefore, investment in capacity building yields long-term security benefits. Additionally, victim support services require expansion to address growing demand. Indeed, the Africa cybercrime operation provides a model for future regional enforcement initiatives. Furthermore, sustained commitment protects communities from emerging digital threats.

READ: ADI Foundation Partners with H2O Hospitality on Blockchain Travel