"CSA Warns of Surge in Cyberbullying by Unregulated Digital Lending Apps"

CSA Warns of Surge in Cyberbullying by Unregulated Digital Lending Apps

Cyber Security Authority (CSA) has sounded a public alert over a resurgence in cyberbullying incidents linked to digital lending mobile applications, following a sharp rise in reported cases in the first five months of 2025.

According to a notice issued by the CSA on May 31, the Authority received 377 cyberbullying reports between January and May, up significantly from the 228 cases recorded throughout the entire year of 2024. The rise highlights growing risks associated with loosely regulated digital lending apps operating outside Ghana’s financial and data protection frameworks.

The modus operandi involves small loan amounts—often under GHS 200—being automatically disbursed to users upon app installation, frequently without any formal request. Victims are then subjected to extortion tactics, including aggressive repayment demands, threats of public defamation, and the circulation of manipulated images.

“Even after victims repay, some fraudsters continue to demand additional payments,” the alert noted.

A comprehensive list of apps implicated includes names such as Miniloan, Devtage loan, Plus Cash Arrow, Sunloan pro, Lever credit, and RocketLoan Turbo, among others. Many of these apps are not licensed by the Bank of Ghana (BoG) and violate the Banks and Specialised Deposit-Taking Institutions Act, 2016 (Act 930). Additionally, the CSA asserts that these platforms breach the Data Protection Act, 2012 (Act 843), having failed to register with the Data Protection Commission (DPC) and improperly accessing users’ personal data.

The CSA also pointed out that many victims unknowingly grant these apps access to sensitive personal information, including contact lists, photos, and national identification details during installation.

The public has been strongly advised against subscribing to the services of these digital lenders. “These mobile applications are not sanctioned by the Bank of Ghana or the Data Protection Commission. Individuals who patronise these services do so at their own risk,” the CSA warned.

The Authority has activated its 24-hour Cybersecurity/Cybercrime Incident Reporting Point of Contact (PoC) for victims to report abuses or seek support, accessible via call or WhatsApp on 0501603111, or by email at report@csa.gov.gh.

The move reflects growing concern over the proliferation of fintech platforms that exploit regulatory loopholes and highlights a broader challenge for policymakers in balancing financial innovation with consumer protection in Ghana’s rapidly digitising economy.