The Dubai Police face impersonation threats as fraudsters in the UAE utilize sophisticated phishing attacks to target unsuspecting mobile users. Cybercriminals are sending thousands of text messages, falsely claiming to represent the law enforcement agency, prompting victims to click on malicious URLs.
Dubai Police face impersonation threats from phishing attacks
Researchers at BforeAI have reported a surge in phishing attacks that exploit the credibility of police communications. These messages often urge recipients to address fictitious legal issues or register on “official” online portals. The deceptive links redirect victims to fraudulent websites aiming to extract sensitive information, including banking and personal identification details. According to Abu Qureshi, lead for threat intelligence and mitigation at BforeAI, the attackers employ well-crafted lures featuring official branding, indicating a moderate level of sophistication, according to Dark Reading.
Despite these tailored approaches aimed at UAE citizens, researchers note a ‘spray-and-pray’ methodology due to the broad reach of the phishing campaigns. Qureshi emphasizes that the calculated misuse of Dubai Police branding enhances the scammers’ credibility and exposes a deep understanding of social engineering techniques. This method of exploitation embodies a reliance on psychological manipulation, leveraging citizens’ trust in law enforcement.
Phishing experts are upping their game to hunt for C-suite whales
Increasing cybercrime targeting UAE citizens
The rise in cybercrime targeting UAE citizens is part of a greater trend in the Middle East. Cybercriminals are increasingly focused on affluent regions to maximize financial gain, exploiting a high-value target demographic characterized by significant digital service usage. Kaspersky’s recent research indicates that 87% of companies in the UAE have encountered some form of cyber incident within the past two years.
Qureshi highlights that the “UAE is a high-value target due to its affluent population, high Internet penetration, and reliance on digital services.” The unique economic and political dynamics in the region further attract cybercriminal activities. With many organizations embracing rapid digital transformation without adequate cybersecurity measures, these vulnerabilities provide ample opportunities for exploitation.
Recent investigations reveal that the malicious campaigns against Dubai Police originate from automated domain generation algorithms or bulk registrations, facilitating rapid cycling through various domains to host fraudulent web pages. Many of these domains have roots in Tencent’s servers based in Singapore. Researchers have found Tencent servers connected to previous malicious activities, further complicating the cyber threat landscape.
Qureshi notes the challenges law enforcement faces in addressing this issue, as the presence of malicious activity on Tencent servers could result from the abuse of legitimate services. The jurisdictional complexities complicate enforcement actions against perpetrators behind these campaigns. Two registrants connected to the fraudulent activities have been identified as operating from India and Dubai, with names crafted to reflect legitimacy.
Resecurity uncovered a similar large-scale fraud campaign wherein scammers impersonate law enforcement to target consumers. These scams involve victims being tricked into paying non-existent fines online, with numerous reports of phone calls from individuals posing as Dubai Police officers.
The impersonation efforts leverage smishing, vishing, and phishing tactics. Particularly around significant dates like National Day, also known as Eid Al Etihad, celebrated annually on December 2, scammers intensified their activities. Citizens are often less vigilant during such festive periods, which the fraudsters exploit, leading to substantial financial losses.
The UAE Financial Intelligence Unit reported that fraud continues to pose significant risks, contributing to money laundering activities, with estimated losses reaching AED 1.2 billion (approximately USD 326 million) from 2021 to 2023. Reports from this authority highlight that phishing, vishing, and smishing are now the most common forms of fraud in the UAE.
The scam operation revealed a sophisticated approach where fraudsters initially send fake payment requests through SMS or email mimicking Dubai Police branding, including legitimate-looking payment pages. Such tactics lead to confusion and prompt victims into action, believing they are following official instructions.
In one reported instance, a victim received a call from an individual claiming to be an inspector who threatened the victim with driving license revocation unless payment was made. Such tactics reflect organized crime strategies aimed at instilling panic and urgency to extract payments. In addition, smishing scenarios capitalized on low fine amounts to entice victims into providing credit card information, often resulting in unauthorized charges.
Cybercriminals reportedly send between 50,000 to 100,000 messages daily as part of their operations, utilizing stolen databases from the Dark Web containing sensitive personal data, including phone numbers. Recent analysis has revealed a notable increase in phishing attacks using newly registered generic top-level domains (gTLDs), offering fraudsters opportunities due to their low registration costs and inadequate monitoring.
Resecurity identified over 144 domain names registered by the actors between September and November 2024, with some linked to Chinese domain registrars.
Featured image credit: Max Fleischmann/Unsplash
