NAIROBI– A group of six suspects is in police custody following a crackdown on a sophisticated phone scam ring that used caller ID spoofing to defraud Kenyans by posing as bank or telecom agents.
The arrests, made in Mombasa, follow an investigation launched by the Directorate of Criminal Investigations (DCI) on 31 May. Police believe the suspects were working closely with the so-called Mulot Swappers, a well-known fraud syndicate named after a town in Bomet County linked to several high-profile financial scams.
Authorities say the group operated out of an Airbnb apartment in Nyali, along 1st Avenue, where they allegedly ran a full-fledged fraud operation targeting mobile money users across the country.
At the centre of the scheme, according to investigators, is a spoofing application used to mimic legitimate customer care numbers from banks and mobile providers. Victims would receive calls that appeared to come from trusted institutions, often during moments of urgency.
“By pretending to be customer care agents, they would stir panic convincing victims to give out personal information,” the DCI said in a statement. “That information was then used to siphon funds from victims’ bank and M-Pesa accounts.”
The spoofing app reportedly fetched as much as Sh500,000 on the black market. That fee, police say, included installation, configuration and even a unique IP address to mask the caller’s true location.
During the raid, detectives recovered 19 mobile phones, multiple SIM cards from local and regional networks including Safaricom, Airtel, Telkom and MTN Uganda and a notebook with what appeared to be a list of potential targets.
The suspects were arraigned at the Kahawa Law Courts on 3 June, where police sought more time to investigate. The magistrate is expected to rule on the application on 6 June. In the meantime, the suspects remain in custody at Capitol Hill Police Station in Nairobi.
While mobile money has become a lifeline for millions of Kenyans, it has also become a target for increasingly creative cybercriminals. Spoofing, which involves disguising a phone number to make a call appear legitimate, is part of a wider pattern of tech-enabled fraud.
“This is not just about conmen with phones it’s organised crime,” said a cybersecurity expert based in Nairobi who requested anonymity to speak candidly. “What’s worrying is the ease with which this technology is being deployed.”
The DCI has urged the public to remain vigilant and avoid sharing personal banking or SIM card information over the phone no matter how convincing the caller may seem. Most financial institutions have also reinforced their warnings, reminding users that they never ask for PINs or personal data over the phone.
The latest arrests offer a glimpse into how cybercrime in Kenya is evolving from crude text scams to coordinated networks backed by digital tools.
But for now, police say they’re building a case they hope will lead to formal charges. The story, much like the technology used in the crime, is still unfolding.
