According to reports, most accounts involved in cybercrime were initially owned by young people aged 20-26 years, presumably in universities or other tertiary institutions.
The hackers mainly target young and new bank account holders by buying their Automated Teller Machine (ATM) cards for only Ksh 500 to find easy entry into banks and safe passage for siphoning off money.
A senior cybersecurity officer at a multinational lender disclosed that most ATM cards used normally have zero transitory histories.
Furthermore, at least seven out of 10 bank accounts flagged belonged to customers who had balances of less than Ksh1000.
Experts also noted that some of the hackers were students and used their hippy and ignorant schoolmates in need of quick funds.
The study conducted on random students at the University of Nairobi and neighbouring Kenya Methodist University town campus revealed that the students were willing to sell their bank details for as much as Ksh 100,000.
‘’That is gold presented on a silver platter. I don’t remember when I last deposited in my account Ksh 100,000. It can help me sort a few problems,’’ Kibe, a second-year UoN student stated.
His friend Roberto commented that he would willingly give his national ID as a bonus for Ksh 50,000.
On Friday, the Assets Recovery Agency asked a court to freeze the accounts of Timothy Kang’arua, a student at the Jomo Kenyatta University of Agriculture and Technology who fraudulently transferred Ksh 41 million from a local bank to himself.
A report by the Assets Recovery Agency (ARA), showed that Kang’arua used a complex scheme where he registered over 300 mobile lines using ID cards of unsuspecting Kenyans and opened bank accounts using their details.
As stated by industry sources, out of 47 banks, fewer than 10 have their core banking system relatively safe.
“The sad part is that some of the people running these banks have no clue of IT issues, are not interested and take too long to respond to the attacks,” a senior industry player disclosed.