Fake SGR, KQ, KCB, NTSA and Other Websites Stealing Money From Kenyans
Share
As more services move online, cybercriminals are using increasingly advanced tactics to target unsuspecting Kenyans through fake websites.
From booking SGR tickets and paying traffic fines to applying for jobs and accessing mobile banking services, fraudsters are cloning the websites and social media pages of trusted organizations to steal money and personal information.
The latest case involves Kenya Railways, which has launched a hunt for fraudsters who created a fake website that redirected Madaraka Express ticket bookings to unauthorized payment channels.
The incident has renewed concerns over the growing number of cloned websites targeting some of Kenya’s biggest brands.
Kenya Railways Investigates Fake SGR Booking Websites
Kenya Railways recently warned passengers against fake websites claiming to sell Madaraka Express tickets.
The corporation said fraudsters created websites that closely resembled its official booking platform and tricked customers into making payments through unauthorized channels.
In its public notice dated July 10, Kenya Railways urged passengers to buy tickets only through its official website, metickets.krc.co.ke, by dialing *639#, or by visiting any Madaraka Express station.
“These fraudulent platforms are designed to deceive customers into making payments through unauthorized channels, resulting in financial loss and possible compromise of personal information.”
The corporation also warned that it would not be responsible for bookings or payments made through unofficial channels.
Kenya Airways Warns Against Fake Booking and Recruitment Platforms
Kenya Airways (KQ) has also warned customers about fake websites and social media pages impersonating the airline.
Scammers have used cloned platforms to advertise fake flight offers, promotions and recruitment opportunities while collecting payments or personal information from victims.
The airline has repeatedly advised customers to book flights only through its official website and verified channels and to be cautious of deals that appear unusually cheap.
NTSA Exposes Fake SMS Traffic Fine Scam
The National Transport and Safety Authority (NTSA) has also become a target of cybercriminals.
In a public alert issued on December 18, 2025, the authority warned Kenyans against fraudulent SMS messages claiming recipients had outstanding traffic violation fines.
The messages directed motorists to a fake website that closely resembled NTSA’s official platform and instructed them to pay before a specified deadline.
Also Read:HELB Breaks Silence on Viral Claims About KMTC Loan Applications
NTSA dismissed the messages as a scam.
“We have received reports of fraudsters sending SMS messages to members of the public, urging them to pay alleged traffic violation fines through a specified link by a deadline. Please be informed that the website mentioned in these messages is not affiliated with or operated by NTSA,” the authority said.
The agency reminded motorists that its online services are offered only through official government platforms.
Bamburi Cement Debunks Fake Recruitment Advertisements
Job seekers have also become targets.
In January 2025, Bamburi Cement warned the public about fake recruitment advertisements circulating on Facebook.
The advertisements claimed the company was hiring for various positions and directed applicants to unofficial websites.
Bamburi clarified that all legitimate job opportunities are advertised only on its official website and verified social media pages.
The company urged job seekers never to pay money for employment opportunities or submit personal information through suspicious websites.
Also Read: Kenya Railways Issues Warning Over Fake SGR Booking Platforms
KCB M-PESA Customers Also Targeted
Customers using KCB M-PESA have also faced online scams involving fake websites, phishing links and fraudulent messages.
Cybercriminals have created platforms designed to steal customer credentials, including mobile banking details, passwords and one-time verification codes.
KCB Bank and Safaricom have consistently advised customers never to share their PINs, passwords or verification codes with anyone, even if the request appears to come from the bank.
How Fraudsters Make a Fake Website Look Real
Cybercriminals often copy the appearance of legitimate websites, including logos, colours and layouts, making it difficult for users to identify fake platforms.
Some fake websites even use internet addresses that closely resemble official domains, making the scam appear genuine.
Once victims enter their information or complete payments, fraudsters steal the money or use the personal details for identity theft and other crimes.
Follow our WhatsApp channel for instant news updates.

Kenya Railways and Bamburi Cement warn Kenyans of fake websites
PHOTO/Acc
