Rwanda’s banking sector is facing a fresh wave of attempted cyber fraud, with banks and regulators warning customers against scammers posing as financial institutions through SMS, email, phone calls and social media.

National Bank of Rwanda, Bank of Kigali, Equity Bank Rwanda, and BPR Bank Rwanda have all issued alerts over fake messages designed to trick account holders into revealing confidential banking details.

ALSO READ: Rwanda cuts digital fraud, but systemic risks still linger

According to the banks, the warnings come as fraudsters increasingly exploit the Easter period, when people are more likely to make transactions and may be less cautious.

The central bank said criminals are sending deceptive messages that appear to come from legitimate institutions, often claiming that a customer’s account has been suspended, is at risk, or requires urgent verification.

"These scams are usually meant to create panic and push customers into acting quickly,” the regulator warned, stressing that no licensed financial institution will ever ask for a PIN, password or one-time password code through a phone call, SMS, email or WhatsApp message.

ALSO READ: Digital fraud cases in financial sector drop 40% — BNR

Bank of Kigali said some customers have received fake emails warning that their accounts would be suspended within 24 hours unless they updated their details through a link.

The bank said the messages are fraudulent and urged customers to access their accounts only through its official mobile app and internet banking platform.

Equity Bank Rwanda has also warned customers about scammers using phone calls, SMS and WhatsApp to impersonate bank officials, while BPR Bank Rwanda reported similar attempts involving messages claiming that customer accounts require urgent verification.

The alerts come at a time when the region is also witnessing more sophisticated cyber fraud.

Last month, Ugandan authorities charged six suspects accused of manipulating the systems of Equity Bank Kigali in a cross-border electronic fraud scheme involving billions of francs.

Banks say they are strengthening monitoring systems, issuing public warnings and encouraging customers to report suspicious activity immediately.

What account holders must know

Banks are advising customers to not click on unknown links sent by SMS, email or WhatsApp, and to never share their usernames, passwords, PINs, card numbers or OTPs.

Account holders are also encouraged to verify any message directly with their bank through official numbers or by visiting their nearest branch, as well as use only official banking apps and websites, and report suspicious calls or messages immediately.

Efforts to obtain information on the number of affected customers from Bank of Kigali, BPR Bank, BNR, and the National Cybersecurity Authority were unsuccessful by press time.