Scammers Impersonating Banks To Trick People In The UAE For Personal Data

Kaspersky experts are warning against banking scams targeting people in the UAE. Cybercriminals have been increasingly posing as prominent banks, exploiting the element of fear in people and compelling them to divulge financial and personal information through various tactics.

In the first half of 2023, Kaspersky detected and blocked a total of 77,792 malicious attempts across banks, payments systems and e-commerce stores in the UAE. Zooming in on the banking scams, phishing emails have been a common mode of attack used by cybercriminals to fool people.

The above image is an example of a fake email sent by cybercriminals imitating a reputable bank. The email highlights an urgent request to complete “Know Your Customer” (KYC) verification to comply with financial regulations. Other similar requests that often appear to be urgent and are exploited by cybercriminals include suspension of transactions and compliance with UAE Central Bank. The authenticity of the email format, design and KYC link add to the legitimacy and trustworthiness of the fraudulent request. The manner in which email clients process emails received on mobile devices also contribute to the success of such phishing scams.

“Cybercriminals very well know that people are quick to act out of fear. The thought of losing money, being on the wrong side of the law or having bank accounts suspended is sufficient to compel people to respond and giveaway personal information that they would normally avoid. The key is to exercise caution and look for red flags in phishing emails. Banks and financial institutions have been continuously raising awareness against phishing scams, and it is important people pay attention to their reminders,” commented Maher Yamout, Senior Security Researcher at Kaspersky.

To safeguard yourself against such banking scams, Kaspersky experts recommend the following:

  • Before clicking on a link in an email or replying, take a closer look at the sender’s name and email address.
  • Hover over the link provided in the email as it will highlight a different website link which is not related to the bank.
  • Look out for typos in the body of the email and subject line.
  • When in doubt, always contact your bank to reconfirm the request.
  • Install a trusted antivirus software such as Kaspersky Premium to help monitor your email box and block phishing attempts.