Be Cautious!: CSA warns as fake data bundle deals drain Ghanaian wallets

At least GH¢73,510 has been lost to mobile data bundle scams in Ghana between January and July 2025, according to the Cyber Security Authority (CSA).

In a public alert issued on Friday, August 1, the Authority stated that it had recorded 63 reported cases over the seven-month period. It warned that fraudsters are increasingly exploiting the demand for discounted data offers to steal money and sensitive personal information.

The scams typically involve cybercriminals impersonating mobile network operators or using fake promotions to lure victims via SMS, WhatsApp and social media platforms. In some cases, the fraudsters convince users to make advance payments for non-existent data bundles.

“Victims are tricked into clicking malicious links, divulging passwords and mobile money PINs, or installing malware that compromises their devices and accounts,” the CSA said.

According to the Authority, some incidents involved unauthorised access to mobile money wallets and social media accounts after victims unknowingly shared their credentials. Others lost funds after paying for data bundles that were never delivered.

The CSA noted that the scammers often pose as customer service agents or legitimate vendors, offering low-cost data packages. They send unsolicited messages or advertisements containing suspicious links, harvest personal information such as contacts, passwords and mobile money details, steal WhatsApp verification codes and PINs to hijack accounts, and install malware to gain access to social media and financial platforms.

The Authority is urging Ghanaians to remain vigilant and take steps to protect themselves online. “Be cautious of unsolicited messages promoting cheap data sales,” the CSA advised. “Always verify vendors through official customer service channels of mobile network operators.”

It also cautioned against sharing verification codes or clicking links from unknown sources, even if they appear to come from known contacts. Users are encouraged to activate two-factor authentication on all online accounts.

The CSA has provided a 24-hour cybersecurity reporting line for victims or individuals seeking support. Reports can be made by calling or texting 292, via WhatsApp at 0501603111, or by email at report@csa.gov.gh.