Kenyans scammed by hacked Facebook friends

Social engineering; User accounts compromised

An unidentified number Kenyan users of the social network sent money to other users who they believed to be buds in need of urgent financial help. Their troubled friends, however, actually were hackers who had overtaken legitimate Facebook accounts.

The scheme involved fraudulent messages, sent from the hacked friends’ accounts, requesting money, typically with a promise to repay the loan with interest as soon as possible.

“Most users have fallen for the scam because the message supposedly comes from a trusted friend. Maria, one such victim, sent Sh8,000 (US$90) via MPesa to an unidentified number after a friend inboxed her,” CapitalFM reports.

Maria did not call the friend to confirm because he was based in the UK.

Maria told CapitalFM: “My friend asked if I could send the money to someone who was in trouble and needed the cash to pay bail. I just assumed that it was him coz the message was from his account.”

She became suspicious when she got another message from the friend requesting the same amount to be sent to another number, so she replied she didn’t have any more cash.

A few hours later, the real UK friend posted a real Facebook update saying his account had been hacked and apologizing to friends who had received the hoax messages. Based on the replies to his status update, it seems that the crooks hacked Kenyans in the UK to target their friends in Kenya, making it difficult for the friends to immediately verify the money requests.

Maria reported the issue to Safaricom’s MPesa department, which informed her that the money had been withdrawn within five minutes after being sent. MPesa advised her to take the issue to the police, since that is the standard procedure for fraud cases

The multi-step process for filing a complaint within the Kenyan bureaucracy discourages many victims from reporting such incidents, according to CapitalFM.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.


Financial Services; Social Media


November 27, 2013

reported by


number affected


location of breach




location of perpetrators


date breach occurred

November 2013

date breach detected

November 2013