Cyber Security Authority of Ghana (CSA) has issued an urgent public alert warning citizens of a massive spike in online fraud as the country approaches the Easter season.
According to data released by the authority, malicious actors are actively exploiting the heightened commercial activity associated with the festive holidays to defraud unsuspecting victims.
In a recent statment, the CSA reported that it recorded 720 cases of online fraud between January and March 2026. This represents a staggering 113% increase compared to the 338 cases recorded during the same period in 2025.
According to the authority, cybercriminals are employing several tactics to defraud the public. One common method involves fake online shops, where scammers impersonate legitimate businesses on social media and create counterfeit e-commerce sites. They entice buyers with steep discounts, demand payment upfront, and fail to deliver purchased goods.
In a more sophisticated move, fraudsters are manipulating search engines and map listings to redirect customer inquiries to fake contacts. Criminals set up bogus business listings on Google Maps and use search engine optimization techniques to appear prominently in search results. Victims who pay via mobile money are often blocked immediately after making a payment.
Phishing and malware attacks remain a significant threat. Criminals are sending unsolicited emails and messages, often posing as romantic partners or well-known brands offering holiday deals. These messages contain malicious links designed to steal personal information or install harmful software on victims’ devices.
In response to these threats, the CSA has urged the public to exercise extreme caution during online transactions. Consumers are advised to verify shop details directly on official websites rather than relying solely on search engine results, remain skeptical of offers that seem “too good to be true,” and make payments only after inspecting purchased items. Sensitive information, including Ghana Card numbers, bank details, and credit card information, should never be shared with unverified contacts. Mobile money payments should only go to wallets registered in the official name of the business.
The Cyber Security Authority operates a 24-hour Cybersecurity and Cybercrime Incident Reporting Point of Contact. Suspicious activities can be reported by calling or texting 292, sending a WhatsApp message to 0501603111, or emailing [email protected] .
