Internet swindle: UAE experts warn consumers of fake deliveries and WhatsApp fraud

Online criminals have stepped up efforts to steal money and credit card details from consumers in the UAE, cybersecurity experts say. In the past few months there has been a surge in the number of scams involving fake deliveries and WhatsApp messages, said Tatyana Shcherbakova, senior web analyst at online security firm Kaspersky. The UAE has long been enticing for hackers due to the country’s perceived wealth. The pandemic has also attracted cybercriminals looking to exploit increased online activity, as many people work from home. ‘Criminals often adapt to the situation on hand,” Ms Shcherbakova said. “In this case, and ever since the pandemic started, we’ve seen an increase in scams related to the delivery topic where criminals ask victims to pay a little sum of money for a fake ‘pending’ delivery.” She said scammers have been taking advantage of a global disruption in deliveries, caused by the pandemic, which saw supply lines slow down around the world as borders closed to contain the spread of Covid-19. This involved fake delivery invoices being sent to email addresses. In such cases, once the user clicks on the link they are directed to a fake website asking them for a payment to cover a customs charge to release the delivery. Criminals have also targeted people via WhatsApp, informing them they had won a prize and needed to send payment to cover delivery costs. She said cybercrooks continue to use all means at their disposal to extract money from people and even personal information in phishing scams, which could unlock sensitive financial information such as passwords and account numbers. Phishing scams involve sending fake emails to numerous recipients in the hope some of them are tricked into clicking on the links. “Criminals often rely on spam and phishing to try and trick users. One method used is social engineering, where criminals try to manipulate users into clicking on a malicious link and eventually giving out sensitive information like credit card details,” she said. “Another method is a ‘chain scheme’ where a scammer asks a user to share the malicious link with their contacts - for other users it looks like the message from a person they know and do not suspect any wrongdoing.” There were almost 350,000 phishing attempts blocked by Kaspersky in the UAE during Q2. The Emirates faced the fourth-highest number of attacks in the world, according to the cybersecurity firm. Only Spain, Italy and Germany had more attempts to redirect people to fraudulent websites in that period. Another cybersecurity expert said people needed to pay attention to emails. “If you are expecting a package or you receive a message regarding a package you weren’t expecting, go to your phone’s app store and download the relevant app directly or visit the shipper’s website and type the tracking code in,” said Brian Chappel, director of product management for BeyondTrust, a cybersecurity firm. “Links in messages you weren’t expecting should always be treated as suspicious. “Also remember that no service is going to ask you for information in ‘recently sent emails’ as proof of your identity.” He said it is advised to reach out to the company that supposedly sent the email or phone call. “If in doubt, hang up and call directly – they really won’t mind if it’s really them,” he said. “Don’t, however, take a number from the caller to ring them back.” Another scam people should be alert to was strange numbers calling several times and hanging up, said Tarek Kuzbari, the Middle East regional director for Cybereason, another cybersecurity firm. “Be aware of calls from strange numbers especially if they phone you few times and hang up as they make money when you call back,” he said. “Sometimes you will also get messages telling you have won a prize like a car in a draw and they just need to share personal details. Unfortunately, a lot of people fall for these scams.”

Internet swindle: UAE experts warn consumers of fake deliveries and WhatsApp fraud

Cybersecurity firm Kaspersky says it blocked almost 350,000 phishing attempts in the Emirates in Q2