Cybercrime is increasing in Kenya. Protecting yourself online requires awareness and simple precautions. Here’s how to stay safe digitally.
M-Pesa Security
Never share your M-Pesa PIN with anyone ever. Safaricom will never call asking for your PIN. Don’t send money to strangers promising returns. Verify businesses before mobile money payments. Use strong PIN not birthdays or 1234. Change PIN if you suspect compromise. Check balance after every transaction. Report suspicious messages to 333.
Common Online Scams
Fake job offers requiring payment upfront. Romance scams on social media and dating apps. Investment schemes promising unrealistic returns. Fake online shops with too-good prices. Email phishing claiming urgent account problems. Fake calls from “bank security” asking for details. WhatsApp messages from friends whose accounts are hacked.
Password Security
Use different passwords for different accounts. Make passwords 12+ characters mixing letters, numbers, symbols. Avoid obvious passwords like names or birthdays. Use password manager apps like LastPass or 1Password. Enable two-factor authentication everywhere possible. Change passwords if service reports breach. Never share passwords with anyone.
Safe Social Media Use
Limit what you share publicly. Check privacy settings regularly. Don’t accept friend requests from strangers. Be skeptical of messages from friends asking for money. Verify information before sharing—fake news spreads fast. Avoid posting real-time location constantly. Block and report suspicious accounts. Don’t click suspicious links in messages.
Banking App Safety
Only download apps from official stores. Enable biometric login if available. Never use banking apps on public WiFi. Log out after every session. Don’t save passwords in browsers. Check bank statements regularly for unauthorized transactions. Set up transaction alerts. Contact bank immediately if something looks wrong.
Email Security
Verify sender addresses carefully—scammers use similar addresses. Don’t click links in unexpected emails. Never download attachments from unknown senders. Banks don’t ask for passwords via email. Check for spelling and grammar errors—scam emails have many. Hover over links to see actual destination. Use email provider’s spam filters.
Shopping Online Safely
Use trusted platforms like Jumia or Masoko. Read reviews before buying. Pay through secure methods with buyer protection. Avoid direct M-Pesa to strangers. Too-cheap prices signal scams. Check seller ratings and history. Screenshot product descriptions and conversations. Use escrow services when possible.
Public WiFi Risks
Avoid banking or sensitive transactions on public WiFi. Use VPN if working on public networks. Turn off automatic WiFi connection. Forget network after use. Don’t access work files on cafe WiFi. Phone data is safer than unknown WiFi. Free VPN options include ProtonVPN or Windscribe.
Phone Security
Use screen lock—fingerprint or strong password. Don’t root or jailbreak phones—increases vulnerability. Keep operating system updated. Only install apps from official stores. Check app permissions before granting. Backup important data regularly. Enable Find My Phone feature. Don’t click random links in SMS.
Recognizing Phishing
Messages creating urgency are suspicious. Requests for personal information are red flags. Poor grammar and spelling indicate scams. Mismatched sender information. Threats of account closure or legal action. Offers that seem too good. Requests to call suspicious numbers.
If You Get Hacked
Change all passwords immediately. Contact your bank if financial accounts involved. Report to police cyber desk at DCI. Alert contacts that your account was compromised. Enable two-factor authentication everywhere. Check credit reports for unauthorized activity. Document everything for potential legal action. Consider identity theft protection services.
Protecting Children Online
Use parental controls on devices. Monitor social media activity. Educate about online stranger danger. Set screen time limits. Keep devices in common areas. Know their passwords at young ages. Use kid-safe browsers and YouTube Kids. Talk regularly about what they see online.
Data Privacy
Read privacy policies of apps you use. Limit app permissions to necessary only. Clear browser cookies regularly. Use incognito mode for sensitive browsing. Be careful what you upload—internet is permanent. Avoid oversharing personal details online. Check what data companies collect on you.
Reporting Cybercrime
DCI Cyber Crime Unit: 0800722203 or report online. Communications Authority cyber desk. Your bank’s fraud department immediately. Block scammer numbers and report to your provider. National Computer Incident Response Team (KE-CIRT). Share experiences to warn others.
Online safety requires constant vigilance. When something feels wrong, trust your instincts—it’s better to be overly cautious than become a victim of cybercrime.