50 Shades of Online Frauds in the UAE

When it comes to online frauds, UAE is no stranger. The country has witnessed several deceptions from fraudulent job offers to fake advertising scams!

If you have not received a single text yet such as:

• Click the link to update your bank account
• Collect your lottery prize by submitting your personal details

From illegitimate sources then you are the luckiest person alive.

Why did I say so?

The answer is simple. Not everyone can escape getting those messages.

However, not everyone is lucky like you. There are several who had fallen prey to these messages and lost many valuable assets, including money, reputation, data, and much more.

According to a post from Arabian Business, UAE suffered a loss of more than $87M in 2017 due to online scams.

The number does not stop here. Frauds have been increasing rapidly across the international level not sparing any industry. 

With each passing year, the number and volume spread like wildfire. From fake job offers to online shopping scams, from credit/debit card fraud to data breaches, you name it!

Moreover, as per Khaleej Times, “The UAE is the 3rd most attractive target for cybercriminals”. The country with high per capita income. In addition, with more people spending their time online due to the COVID-19 pandemic, the nation has become a lucrative target for cybercriminals.

If you ask me why online frauds are increasing daily, I can spell out several reasons. Wait, let’s dive into some of those!

The COVID-19 Crisis

Opportunistic malicious actors are taking full advantage of the chaotic situation of the global coronavirus pandemic to commit cybercrimes. According to WHO, the malicious actors are pretending to be WHO and sending malicious emails to trick the victim into clicking on malicious links or downloading attachments.

These tactics allow them to steal your:

• Credentials and personal information
• Stimulus checks
• Unemployment benefits

Moreover, through malicious emails, cybercriminals also attempt to collect funds for fake COVID-19 treatments. Tricking the people in the UAE to donate to fraudulent charities and much more.

In fact, as per the KPMG UAE cybercrime survey, due to the increasing online fraud in the region, 71% of respondents expect their businesses to invest additional resources. To protect their organization and the people involved with it against cybercriminals.

The Online Transaction Saga

Today almost every business has shifted from traditional to online banking transactions. You will find the majority of businesses are sending their invoices for payment via email. As a result, it is attracting many sophisticated cybercriminals to find security vulnerabilities in invoice transactions. 

The tactics include sending emails to an employee with a sense of urgency for payment into bank accounts that are controlled by malicious actors. Another common technique is to send an email from a fake bank instructing the victim to confirm that he or she did not authorize the transaction.

The fraudsters usually make urgent requests to click the malicious link to confirm the same.

According to the Intelligent CIO, a survey helped to find out that more than 53% of people in the UAE witnessed online banking fraud at least once in the first half of 2020. That is more than half of the total users!

More Polished Fraud Tactics

You must be well aware of the increasing data breaches every passing, year, month, day, and hour. With the number of data breaches skyrocketing, fraudsters can easily access your personal data, also known as PII (Personally Identifiable Information). They use the same data to impersonate you and your organization to target your customers, partners, and even employees.

Moreover, they can also take over your account. Using the log-in credentials obtained via data breaches or social engineering. This might lead to a serious threat to the people involved with the organization.

For instance, a fraudster can impersonate the identity of a head accountant and send an email to one of the employees working in the accounting department to transfer a sum of money. The worse they can even try to trick your clients and partners into transferring the payment into their bank account.

Moving Forward

All these factors contribute to the rising online fraud in the region. It may seem like you are safe from all of these or you may think the fraudster will not target your organization. However, as for cybercriminals, there is no big or small, as long as they can earn some easy money or get hands-on valuable data they will target anyone. After all, that is what they are seeking!

Moreover, impersonating a trusted and legitimate brand makes them successful in running this fraudulent business.

So, now the question arises, how do we stop online fraud?

As I mentioned above, the key to their success is “impersonation” while sending malicious emails. If we stop them from impersonating a legitimate person or a brand then we have a very high chance of decreasing the number of online frauds.

TDMARC to Defend Email Impersonation

A solution to stop “impersonation” that your company should implement. TDMARC is a GCA-certified email authentication tool that helps in monitoring your outbound email flow. It helps your organization in stopping fraudulent emails impersonating your brand from reaching the recipients. The tool provides you with a detailed analysis of your outbound emails including the sources used in sending emails using your organization’s email domain.