According to a recent survey conducted with users of Dubizzle, Dubai's leading free classifieds website, 36% of respondents had never heard of the term 'phishing scam'. The remaining 64% were aware of the term, but a quarter of them did not know what it meant.
A phishing scam is a type of internet fraud, where a cyber-criminal tricks a computer user (often by imitating a trustworthy company), usually via email, into revealing personal or confidential information, such as usernames, passwords, or financial details, which the scammer then uses to steal money or commit identity theft.
It is reported that, over the past three years, there have been over 11,500 record breaches in the UAE and GCC region (which members states consist of Bahrain, Kuwait, Oman, Qatar, Saudi Arabia, as well as the United Arab Emirates), however 30% of online phishing victims never reported it.
Those who did suspect a scam, reported that the main reasons were: an offer too good to be true (54.4 %); and the seller's information seeming suspicious (27.8%).
"It's easy to become a victim of a phishing scam as most scammers pose as genuine employees, buyers or sellers. Making contact information available helps connect with those listing a job or an ad faster, however this has its downside as it makes users more vulnerable to fraudulent activities," added Salma Anabtawi, Customer Support Manager at Dubizzle.
Consumers in the UAE have had their fair share of scams over the past year. In January 2016 multinational UAE-based telecommunications services provider, Etisalat, warned its Abu Dhabi customers of an email scam that tried to steal account details.
The email said "Your Etisalat online bills is ready to be viewed", and recipients were asked to click on a link to view their statement. The email was signed "from Etisalat Online Service Team".
One user reported that after clicking the link, their security software popped up a message indicating that the email was reported as a fake. Luckily for them, they had some cyber protection, but users without such software were vulnerable to being a victim. Etisalat warned its customers never to provide personal information to suspicious sources.
The following email scam started circulating in July 2016:
From: “Aazar .A. Khwaja ” email@example.com
Subject: ATTENTION BENEFICIARY,
Date: Tue, 5 Jul 2016
Greetings from U.A.E to you My Dear friend,
How are you doing today hope I met you in good health?
I am Mr.Aazar .A. Khwaja Group Treasurer Officer of Emirates NBD Dubai. I have a bussness matter of great importance, proposal worth of $30,000,000.00 (Thirty Million United State Dollars) for you that has to do with your name.
Have a nice day and God bless. Anticipating your prompt response.
Mr.Aazar .A. Khwaja
Group Treasurer Officer of Emirates NBD
The message is a typical example of an advance fee fraud message. The scammer claims to be a bank official with a lucrative proposition, sometimes asking the recipient to pose as next-of-kin to a deceased millionaire. Unfortunately, the proposition is fake and the scammer is simply trying to steal the recipients’ money.
Credit Card Scams
As well as scam emails, there is also a rising trend of credit card fraud in the UAE. Thousands of people fall victim to credit card scams and they don’t find out about it until the damage is done and the fraudster has moved on. The scammer often tests the waters first, with a small amount of $1 (Dh3.67), to make sure the credit card details are accurate. Most people would take no notice of this on their transaction list.
One UAE-based consumer, Prashanth Thyagarajan’s, reported that in July 2016, while touring Europe, his wife received a text message from the bank to say her credit card had been used to pay for Dh4,500 worth of goods in a supermarket without her knowledge. The couple had thought they had taken enough precautions by using reputable websites to book their hotels and hire car, but they were still victims.
Thyagarajan explained, “The transaction happened in a branch of a famous chain of supermarkets in France. Luckily we had never travelled to Europe before that incident, so we filed a complaint with the bank that afternoon, stating all our reasons and proof.”
Waleed Barhaji, Business Head of Consumer Finance at Noor Bank, says chip-and-PIN technology, has been implemented in the UAE over recent years and has made it more difficult for the criminals. “Most banks have replaced magnetic strips with the technology. The latter has made it much more difficult for fraudsters to extract and misuse data. Industry numbers suggest that despite growing card transaction volumes, fraud has dropped significantly. The chip-and-PIN concept has also enhanced consumer protection. In most cases fraud liability rests with the card issuer. Of course, there are exceptions such as the customer’s actual card as well as PIN being compromised, where the cardholder would also be liable.”
FraudWatch International services many clients in the UAE and GCC region as a whole. FraudWatch International has been protecting organisations and individuals against phishing attacks since 2003, and offer world-class takedown times.
If your organisation is being actively phished, FraudWatch International can assist in protecting your brands and ensuring phishing attacks are mitigated in the quickest possible time.
Contact us today to find out more!