CyberSecurityBoard
Sponsor Register Login

UAE Faces Fresh Plague of Phishing Scams, Poisoned Searches

A recent spate of phishing scams - promoted through counterfeit websites - has prompted warnings from police and local businesses in the United Arab Emirates.
The alerts flag fake websites posing as Dubai's Road and Transport Authority, which runs the metro and bus network in the city, as well as tourist sites such as Global Village and the Museum of the Future.
'Black Hat' SEO Poisoning Scammers are attempting to duplicate a legitimate website or app using a counterfeit domain, often with the false veneer of legitimacy through a digital certificate, and promoting them using so-called black hat search engine optimization.
Chris Hauk, consumer privacy advocate at Pixel Privacy, says cybercriminals can use various techniques to improve the ranking of their scam pages.
This can include keyword stuffing, where relevant keywords are crammed into a webpage's text or meta tags; search ranking manipulation, which uses bots or humans to search for keywords and generate fake clicks for the malicious site; and cloaking, which involves offering search engine crawlers with different information than what is actually displayed to visitors to the site.
Rew Whaley, senior technical director at Promon, explains that one of the most prevalent ways that criminals boost their page is by buying an HTTPS domain.
Anyone can pay for the certificate and have a legitimate-looking website.
Watering Hole Attacks Experts tell Dark Reading that some recent Dubai-targeting scams display the hallmarks of watering-hole attacks.
He says the attack typically requires the user to enter their credentials, and even one-time password codes, which are harvested and subsequently abused.
Phishing Oasis As well as scam websites impersonating legitimate public services, phishing emails have become more prevalent in Dubai recently.
These urge recipients to click on links to pay fictitious fines or service fees while falsely posing as either emails or SMS messages supposedly sent to them by trustworthy organizations, such as the local police force.
This has led Dubai police to warn people about phishing scams where fraudsters posed as cops.
Replies to the thread report that as well as sending messages, the fraudsters call prospective marks in an attempt to trick them into handing over their Emirates ID details.


This Cyber News was published on www.darkreading.com. Publication date: Thu, 11 Jan 2024 19:35:04 +0000


Cyber News related to UAE Faces Fresh Plague of Phishing Scams, Poisoned Searches

10 Best Anti-Phishing Tools in 2025 - What is Good?What Could Be Better?Real-time email threat detection and response using AI and machine learning.Limited customer support optionsAutomates incident response to stop phishing attacks quickly.The training module is not entirely ...
1 week ago Cybersecuritynews.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
1 year ago Techrepublic.com
Unravelling Retirement Banking Scams and How To Protect Yourself - In the labyrinth of financial scams, one of the most insidious is the retirement banking scam. According to the FBI, in 2020 alone, financial scams targeting seniors netted more than $1 billion. It's a quiet crisis that we need to address, and ...
1 year ago Hackread.com
UAE Faces Fresh Plague of Phishing Scams, Poisoned Searches - A recent spate of phishing scams - promoted through counterfeit websites - has prompted warnings from police and local businesses in the United Arab Emirates. The alerts flag fake websites posing as Dubai's Road and Transport Authority, which runs ...
1 year ago Darkreading.com Cloak
UAE Cybersecurity Official Warns of VPN Abuse - The top cyber official in the United Arab Emirates worries that virtual private networks are being misused in the country. UAE residents increased their downloads of VPN apps by 1.83 million in 2023, reaching a total of 6.1 million, according to the ...
1 year ago Darkreading.com
Best of 2023: Why is everyone getting hacked on Facebook? - Importantly, phishing relies on the victim trusting the scammer and taking an action - like clicking a link or sending bank account information - in order for the scammer to get what they want. It's not your imagination - social media scams really ...
1 year ago Securityboulevard.com
UAE Banks on AI to Boost Cybersecurity - For the United Arab Emirates, an aggressive push for a more digitized economy attracted plenty of interest and subsequent investment - but also made it a prime candidate for relentless cyberattacks. With nearly 50,000 cyberattacks reportedly thwarted ...
1 year ago Darkreading.com
Business Email Compromise Scams: Prevention and Response - We will also highlight red flags to watch out for in suspicious emails, emphasizing the importance of implementing robust email authentication methods and comprehensive employee training programs to enhance awareness and response capabilities. BEC ...
1 year ago Securityzap.com
How Criminals Are Leveraging AI to Create Convincing Scams - Cybercriminals create far more sophisticated scams with generative AI than traditional phishing scams. According to Visa research, scammers are fooling even the savviest internet users by launching pig butchering, inheritance, humanitarian relief ...
1 year ago Tripwire.com
Cybercriminals target UAE residents, visitors in new info-stealing campaign - A group of hackers in recent months has attempted to steal personal and financial information from residents and visitors of the United Arab Emirates in a new text-based phishing campaign, according to new research. The cybercriminals - called the ...
1 year ago Therecord.media
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
1 year ago Helpnetsecurity.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
2 years ago Trendmicro.com
Romance Scammers are Adopting Approval Phishing Tactics - Romance scams are labor-intensive and time-consuming schemes to run. They can be lucrative, pulling in millions in stolen cryptocurrency, but they also can end up going nowhere if the targeted victim becomes suspicious or the bad actor decides there ...
1 year ago Securityboulevard.com Rocke
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
1 year ago Gbhackers.com
Smishing Triad Targets UAE Residents in Identity Theft Campaign - Security researchers have observed a new fraudulent campaign orchestrated by the Smishing Triad gang and impersonating the United Arab Emirates Federal Authority for Identity and Citizenship. Operating through malicious SMS messages that claim to be ...
1 year ago Infosecurity-magazine.com
UK to block all Social Media Scams - Starting May 2024, residents of the United Kingdom can breathe a sigh of relief, as social media platforms operating in the country have collectively committed to combating a range of scams on their respective networks. This includes everything from ...
1 year ago Cybersecurity-insiders.com
Spotting Phishing Attacks with Image Verification Techniques - Phishing refers to the tactic used by scammers who impersonate reputable brands and lure victims to click on suspicious links so that they can breach the privacy and sensitive data of individuals. You can call image-based phishing a relatively ...
3 months ago Cybersecuritynews.com
USPS Delivery Phishing Scam Exploits SaaS Providers to Steal Data - A new USPS Delivery Phishing Scam has surfaced, in which scammers are exploiting Freemium Dynamic DNS and SaaS Providers to steal victims' login credentials and other data. Cybersecurity researchers at Bloster AI have uncovered a new USPS Delivery ...
1 year ago Hackread.com
Netcraft Report Surfaces Spike in Online Healthcare Product Scams - A report published today by Netcraft, a provider of cybersecurity services, finds the volume of online scams relating to healthcare that are emanating from inexpensive top-level domains is spiking-accounting for as much as 60% of daily domain ...
1 year ago Securityboulevard.com
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
1 year ago Hackread.com
AI-Powered Phishing Detection - Does It Actually Work? - Unlike traditional methods that rely on identifying known threats, AI-powered systems analyze patterns and behaviors to detect anomalies indicative of phishing attempts. The rise of artificial intelligence (AI) has brought new hope to combating these ...
3 months ago Cybersecuritynews.com
Telegram is a Wide-Open Marketplace for Phishing Tools - The encrypted messaging app Telegram has become a veritable marketplace for bad actors who want to launch effective phishing campaigns on the cheap, essentially democratizing the cyberthreat, according to researchers at cybersecurity firm Guardio. ...
1 year ago Securityboulevard.com
Phishing Campaign Exploits Open Redirection Vulnerability In 'Indeed.com' - Phishing remains one of the most prevalent challenges facing organisations, with more than three billion malicious emails estimated to be sent around the world every day. Owing to the prevalence of the problem, Verizon's 2023 Data Breach ...
1 year ago Cyberdefensemagazine.com
Phishing kits now vet victims in real-time before stealing credentials - Even if they were allowed to use the real target's address, the analysts comment that some campaigns go a step further, sending a validation code or link to the victim's inbox after they enter a valid email on the phishing page. However, with this ...
4 months ago Bleepingcomputer.com
Holiday Threats Surge as Christmas-Themed Scams Explode - As the winter holidays approach, malicious spammers have ramped up their efforts, flooding inboxes with a surge of unsolicited emails and Christmas-themed scams, according to a Bitdefender report. Key findings indicated a steady rise in ...
1 year ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)