The Bank of Kigali has reportedly been targeted in a large-scale cyberattack that triggered a wave of fraudulent activity affecting its customers, according to information from reliable sources.

Customers of the bank were allegedly inundated with phishing links, designed to deceive them into revealing sensitive financial information. While the exact number of affected clients remains unclear, sources indicate that a significant number may have fallen victim to the scheme.

In what appears to be an immediate response to the unfolding situation, the bank circulated a warning to customers urging vigilance. In the message, customers were cautioned against engaging with suspicious links and reminded that the bank would never request sensitive information such as PINs, passwords, or card details through SMS, WhatsApp, email, or phone calls.

Clients were advised to only use official platforms, including the bank’s mobile app and verified internet banking portal, and to report any suspicious activity.

In response to the incident, the Bank of Kigali has officially communicated to its partners and employees that both internal and external transactions have been temporarily suspended.

The move is described as a precautionary measure aimed at safeguarding the bank’s systems and limiting further exposure.

The timing of the attack is particularly sensitive. This period coincides with tax clearance obligations, and Bank of Kigali processes the largest share of tax-related transactions in the country.

The disruption is therefore expected to affect a wide range of financial activities across individuals and businesses. With digital channels currently suspended, many customers will likely be forced to visit their nearest bank branches to complete urgent transactions.

At this stage, no official figures have been released regarding the scale of financial losses incurred during the attack. However, sources suggest that the impact could be substantial, given the coordinated nature of the phishing campaign.

The National Bank of Rwanda is understood to have deployed a team, working alongside other relevant institutions, to support the ongoing investigation and reinforce security measures within the banking system.

Efforts to obtain clarification from the Bank of Kigali’s communications department were unsuccessful, as calls seeking comment had not been returned by the time of publication.

The incident comes just weeks after Equity Bank was similarly targeted by fraudsters in a separate case that reportedly resulted in the loss of billions of francs, raising broader concerns about the resilience of digital banking infrastructure in the region.

As investigations continue, customers are being urged to exercise heightened caution, avoid interacting with unsolicited links, and rely only on official banking channels.