Microsoft has unveiled its 2025 Digital Defense Report, offering a sweeping view of the global cyberthreat landscape and providing critical insights for business leaders across Africa, drawing from over 100 trillion daily security signals.
The report shows how nation-state actors and cybercriminals are refining their methods, harnessing AI, exploiting trusted platforms, and targeting high-value industries with increasing precision.
“Africa isn’t just a target, it has become a proving ground for the latest cyber threats,” said Kerissa Varma, Microsoft’s Chief Security Advisor for Africa.
“We’re witnessing attackers harness AI to craft phishing messages tailored to local languages and cultural contexts, impersonate trusted individuals, and exploit the very platforms we depend on. Many of these advanced tactics are first tested right here on the continent.”
READ: Kaspersky: Africa Hit by 138 Million Cyberattacks in Just 6 Months
Microsoft’s investigations found that in 80% of cyber incidents recorded last year, the attackers aimed at stealing data, driven largely by financial motives rather than espionage.
The World Economic Forum’s Cybercrime Impact Atlas Report 2025 recorded a sharp rise in cybercrime across the continent. The total value of cyberattacks surged from $192 million to $484 million, while the number of victims increased from 35,000 to 87,000 across 19 African countries.
Business Email Compromise (BEC) was identified as the most financially damaging cyber threat, responsible for 21% of successful attacks despite representing only 2% of observed incidents.
These attacks typically start with phishing or password spraying and progress to inbox rule manipulation, multi-factor authentication tampering, and email thread hijacking.
South Africa has emerged as a global hub for BEC infrastructure and money mule recruitment. The report profiles Storm-2126, a Nigerian-origin threat group operating from South Africa since 2017, which has targeted real estate, legal, and tile firms in the United States.
AI Use in Cyberattacks
The report also indicates a shift toward multi-stage attack chains that combine technical exploits, social engineering, and infrastructure abuse.
Emerging tactics such as ClickFix, where users are deceived into manually running malicious code, and impersonation through Microsoft Teams are allowing attackers to bypass traditional defenses.
AI has been noted to be transforming the nature of cyber threats. AI-enhanced phishing campaigns now reach a 54% click-through rate, 4.5 times higher than conventional methods, and can boost criminal profitability by up to 50 times.
READ: Kenya Among the Most Targeted by Cyberattacks in September
Microsoft has recorded a 195% global rise in AI-generated identities used to bypass verification systems and exploit free trials for attacks.
“This is a pivotal moment for African business leaders. Defenders must fundamentally rethink their approaches to cyber resilience. Relying on trust alone is no longer enough,” said Varma.
“By investing in comprehensive cybersecurity strategies and leveraging AI-powered defenses, Africa can position itself as a crucial front line against emerging threats and help build stronger, more resilient digital ecosystems.”
