International "Operation Red Card" Disrupts African Cybercrime Networks

An international law enforcement effort, dubbed "Operation Red Card," has led to the arrest of 306 individuals and the seizure of 1,842 devices tied to cyber-enabled financial scams across Africa. Coordinated by INTERPOL between November 2024 and February 2025, the operation targeted transnational criminal groups behind mobile banking, messaging, and investment app scams, collectively affecting over 5,000 victims. Law enforcement agencies from Benin, Côte d'Ivoire, Nigeria, Rwanda, South Africa, Togo, and Zambia participated in the operation. According to INTERPOL, “The cases uncovered during the operation involved more than 5,000 victims.” Investigators also recovered high-value assets including 26 vehicles, 16 houses, 39 plots of land, and 685 devices tied to fraudulent operations.

The operation surfaced multiple criminal schemes. In Nigeria, 130 individuals, including 113 foreign nationals, were arrested for orchestrating online casino and investment fraud. Authorities found that some of those involved were possibly human trafficking victims, forced to operate in multilingual scam centers using digital assets to obscure illicit profits. In Zambia, 14 suspects were detained for malware-based attacks that hijacked victims’ phones via malicious links, granting attackers access to banking apps and enabling scam propagation through compromised messaging platforms. South African police dismantled a SIM box fraud scheme, arresting 40 people and confiscating over 1,000 SIM cards and 53 desktop machines used to reroute international calls, which enabled widespread SMS phishing campaigns.

Rwanda’s contribution to the operation included the arrest of 45 individuals tied to social engineering schemes that defrauded victims of more than $305,000 in 2024. Tactics included impersonating telecom staff and fabricating personal emergencies to extract financial information. INTERPOL attributed the success of Operation Red Card to pre-operational intelligence sharing among countries, further enhanced by threat insights from Group-IB, Kaspersky, and Trend Micro. “Ahead of the operation, countries exchanged criminal intelligence on key targets. This intelligence was enriched by INTERPOL with insights into criminal modus operandi using data from its private sector partners—Group-IB, Kaspersky and Trend Micro.” INTERPOL’s Director of Cybercrime, Neal Jetton, reinforced the impact of international collaboration: “The recovery of significant assets and devices, as well as the arrest of key suspects, sends a strong message to cybercriminals that their activities will not go unpunished.”

The crackdown builds on prior cross-border cybercrime efforts in the region, including Operation Serengeti and Africa Cyber Surge II, and demonstrates the continued global emphasis on disrupting cybercriminal ecosystems and strengthening digital security through coordinated public-private efforts.