Technology firm, Microsoft, has alerted Nigeria and other parts of Africa to the surge in Artificial Intelligence-enhanced phishing attacks, noting that the activities of cyber criminals have continued to rise, forcing 87,000 victims to cough out $484 million

The alert, contained in Microsoft 2025 Digital Defence Report, offered a sweeping view of the global cyber threat landscape and also provided critical insights for business leaders across Africa. Microsoft said its findings came from a unique vantage point and over 100 trillion daily security signals.

The American firm highlighted a significant expansion in the reach of cybercriminals over the past year, with a growing focus on North African countries. It also detailed how nation-state actors are refining their methods, harnessing AI, exploiting trusted platforms, and targeting high-value industries with remarkable accuracy.

Providing more insights into the activities via a webinar yesterday, Microsoft’s Chief Security Advisor for Africa, Kerissa Varma, said: “Africa isn’t just a target; it has become a proving ground for the latest cyber threats. We’re witnessing attackers harness AI to craft phishing messages tailored to local languages and cultural contexts, impersonate trusted individuals, and exploit the very platforms we depend on. Many of these advanced tactics are first tested right here on the continent.”

Referencing the World Economic Forum’s Cybercrime Impact Atlas Report 2025, Microsoft said arrests had increased across 19 African countries, noting that “however, the overall impact of cybercrime escalated sharply: the total value of cybercrime surged from $192 million to $484 million, and the number of victims jumped from 35,000 to 87,000.”

The Digital Defence Report highlighted the growing proficiency of criminal methods, with Business Email Compromise (BEC) emerging as the most financially damaging threat.

The report noted that though BEC accounted for just two per cent of observed threats, it was the outcome in 21 per cent of successful attacks, surpassing ransomware (16 per cent). These attacks often begin with phishing or password spraying, followed by inbox rule manipulation, multi-factor authentication (MFA) tampering, and email thread hijacking; tactics that enable trust-building and privilege escalation.

According to it, South Africa is identified as a global hotspot for BEC infrastructure setup and money mule recruitment. It said a case study on Storm-2126, a Nigerian-origin threat actor operating out of South Africa since 2017, illustrated the transnational nature of these attacks, which have targeted U.S. real estate firms, law practices, and tile companies.

It revealed that attackers were deploying autonomous malware capable of lateral movement and privilege escalation without human oversight. Meanwhile, AI-generated content is flooding digital spaces, overwhelming detection systems and enabling deepfake-enabled fraud, voice cloning, and the creation of synthetic identities at scale. Microsoft reports a 195 per cent global increase in AI-generated IDs used to bypass identity verification and exploit free trials or launch attacks from disposable tenants.