How a phishing attack led to AfDB staff getting assaulted in Ethiopia

Ethiopia was supposed to make a $5 million annual membership payment to the African Development Bank (AfDB) recently, but the money may have gone to scammers instead. Preliminary reports indicate that the wire transfer payment request was sent to the country’s Ministry of Finance, in what appears to be a cyber-phishing attack. According to sources close to the ministry, the source of the phishing attack was said to have assumed AfDB credentials, but no further details have been provided.

The Ministry of Finance errored, forgetting to conduct due diligence verification of the wire transfer account number. Perhaps the oversight could have been avoided by comparing the AfDB’s recipient bank account number with that of previous year payments. So far, there is no publicly available information as to which offshore account the money may have gone to. Although some suspect a bank in Panama.

Following the incident, the AfDB filed an open letter complaint, stating that its staff, including country manager Dr. Abdul Kamara had been detained and assaulted by law enforcement. Social media posts later showed photos of Dr. Kamara with visible injuries. Kamara, who is a citizen of Sierra Leone has diplomatic immunity from prosecution. Detained staff members were immediately released when Ethiopia’s Prime Minister was prompted and intervened. There’s also reports the PM paid a personal visit to Dr. Kamara after his release.

In a letter, AfDB’s chief, Dr. Akinwumi A. Adesina stated, “The Bank has since lodged a formal complaint with Ethiopian authorities. For their part, the authorities have formally acknowledged our complaint, noted the unfortunate incident, and reassured of a thorough investigation, ensuring transparency and accountability.”

As to how this phishing event led to the detainment as well as beating of AfDB’s staff in Addis Ababa is a matter that requires serious investigation. The other, more somber question remains: How was the scam orchestrated? Who was involved? What culpability, if any, is there within the Ministry of Finance? Why did law enforcement detain and assault AfDB staff?

Ethiopia has faced increasing cyber-phishing attacks on its financial sector in recent years. According to a report by Microsoft Security and Intelligence, “the country experienced a spike in cyber-attacks, including ransomware and malware infiltrations”. In 2022, The Information National Security Agency (INSA) said, the cyber-attacks had targeted financial institutions and mega projects, including computer systems of the Grand Ethiopian Renaissance Dam. Besides cyber criminals and non-state actors, external state agencies have incentives to engage in such activities for economic or political gain.

Despite the awkward episode, the AfDB signaled certainty in its continued commitment to support the country’s socio-economic development. The authorities in Ethiopia would have every incentive the investigate thoroughly, as the African Development Bank provides critical support to the country’s economy, but nevertheless Addis Ababa will likely remain guarded on the issue, avoiding further media inquiry into an already embarrassing incident.