Exploiting desperation: Inside the cruel humanitarian aid scams 

5 May 2026

In a nation already devastated by conflict, a new and insidious threat is emerging: mass online fraud targeting Sudan’s most vulnerable people. Electronic fraud operations have rapidly expanded across Sudan, carried out by unknown individuals who operate in the name of humanitarian aid organisations that support displaced persons and those affected by the war. These fraudsters present themselves as employees or representatives of humanitarian organisations, intentionally using the names of well-known, trusted entities that have already provided material support on the ground.

Most of the scams reviewed by Ayin deceive victims through direct contact or targeted text messages sent via social media. The criminals inform their targets that they have cash assistance waiting for them, subsequently asking them to enter secret numbers or codes that arrive on their phones under the pretext of receiving support. As soon as the victims comply, the swift, devastating process of withdrawing and transferring money from their bank accounts suddenly begins.

Lives and savings drained in seconds

While these networks have been active for some time, investigators note that the phenomenon escalated significantly during February of this year. Multiple cases reported across several Sudanese states amidst increasing complaints from victims, some of whom lost their life savings. 

Najm al-Din Qamar revealed the details of a sophisticated scam that resulted in him losing millions of Sudanese pounds, including funds belonging to others that had been deposited in his account for safekeeping.

“A person approached me and asked for 2.2 million Sudanese pounds in cash,” Najm al-Din told Ayin. “He then instructed me to speak with another individual on the phone, who identified himself as from a Qatari humanitarian aid organisation and convinced me that financial support would be transferred to him.”

The deception quickly turned into an immediate financial catastrophe.

“The caller told me he would send a code to receive the money, and as soon as I entered the code on my phone, the money suddenly disappeared from my bank account,” Najm al-Din recalled. “I was later shocked to discover that the amount withdrawn exceeded 3.6 million Sudanese pounds (US$900).”

Upon discovering he was the victim of a calculated online scam, Najm al-Din immediately initiated legal proceedings. The prosecution issued a letter to the bank to investigate the accounts that received the transferred funds. According to the bank tracing results, the money was transferred to three bank accounts in different states, including one in Forbaranga, West Darfur State; another in Al-Jazeera State; and a third in Atbara, River Nile State.

“All legal procedures have been completed, and the transfers and suspected accounts have been tracked,” Najm al-Din added. “However, the case is still before the court, and no final verdict has been issued yet.”

The 45-million-pound hack

Even those working directly within the humanitarian sector to alleviate suffering are being actively targeted. In another grave incident in the Darfur region, a volunteer aid worker using the pseudonym Ahmed Yahya had his bank account hacked and funds estimated at 45 million Sudanese pounds ($11,250) withdrawn. The targeted account was actively receiving funds explicitly designated for humanitarian aid to citizens in one of the Darfur states.

Despite Ahmed’s extreme caution in protecting his bank account and his strict refusal to share data with anyone—especially given his regular dealings with humanitarian organisations—he was surprised on April 24 to find that his account had been hacked, closed, and reopened on another phone without his knowledge. He quickly contacted a friend, who notified the bank, leading to the discovery of massive financial transfers from his account to two different bank accounts.

Following the breach, Ahmed and his associates took the necessary legal measures, filing a criminal complaint while the prosecution initiated an investigation to trace the suspicious transfers. Initial investigations revealed that one of the two accounts receiving the millions was in El Geneina, while the other was in Khartoum North. Ahmed confirmed that legal proceedings are ongoing amidst intensive efforts to track down the accounts linked to the fraud, though he noted that the legal process and tracing the funds could take a long time.

15,000 cases and counting

The magnitude of this digital crime wave is overwhelming Sudan’s legal infrastructure. Cybercrime Prosecutor Adam Al-Sanousi identified the most common methods of fraud today, saying they include what is known as humanitarian aid fraud, where people contact victims using fake phone numbers, claiming to be affiliated with humanitarian organisations, offering to provide financial support, or claiming that the victims have relatives abroad, such as in Saudi Arabia, and want to transfer money to them.

Al-Sanousi pointed out that these fraudsters ask victims to log into financial applications and enter passwords or reference numbers, and as soon as this is done, money is stolen directly from the bank accounts. Reports related to electronic fraud are witnessing a massive increase. The deputy prosecutor reported that the Information Technology Prosecution Office alone investigated over 15,000 cases of online fraud related to this issue during the past year. Crucially, this figure does not even count the remaining Sudanese states.

Lawyer Zakaria Abdullah describes electronic fraud crimes as “the most dangerous financial crimes” because of the direct harm they cause to victims and the deeply negative impact they have on public trust in financial transactions between individuals and institutions. He explained that the Sudanese Criminal Law of 1991 defines fraud and deception as the deliberate deception to seize the money of others, to achieve an illicit gain, or to cause harm to victims. The legal punishment may include imprisonment, a fine, or a combination of both, with prison terms reaching up to three years depending on the specific circumstances of the crime.

Defending the digital frontline

According to Ayin cybersecurity engineer Nidal Abbas, scammers heavily target the victim’s mind using what is known as social engineering. They often contact the user and make him believe that his bank account needs an urgent update, asking him to send an activation code, or they send malicious links via WhatsApp, asking the victim to log in so they can hijack the account.

Abbas explained that another prevalent method of fraud involves malicious applications that can secretly read incoming text messages as soon as they are downloaded onto a phone. Additionally, fraud in the name of humanitarian organisations frequently relies on direct calls or WhatsApp messages telling people they have won a financial grant, using this leverage to demand bank details, activation codes, contact numbers, or upfront fees.

The cybersecurity engineer strongly stresses that private codes, phone numbers, and passwords are personal information that must never be shared with anyone under any circumstances, warning explicitly against clicking on unknown links. To combat this, Abbas calls on all users of banking applications to activate the two-factor authentication feature on their financial apps, WhatsApp, and email accounts using advanced security methods such as fingerprint or iris scanning. Finally, she emphasised the absolute necessity of downloading applications exclusively from official stores, such as Google Play or the App Store, rather than from untrusted links or third-party websites.