Phishing Spree in UAE: How can Threatcop Prevent Such Phishing Attacks?


How often have you heard that somebody you know lost a chunk of money to cyber fraud? Cybercrimes targeting individuals account for the majority of cyber attacks in the world. A recent spree of phishing scams in Dubai left its victims clueless: using an RTA account is a daily activity for them, and it has now become a threat. In fact, in the first three quarters of 2023, there were 71 million cyber attacks in the UAE. According to Khaleej Times, the number of phishing attacks has increased by a staggering 230%.

Dubai residents are falling victim to a surge in cybercrime, with deceptive websites mimicking popular platforms like RTA's Nol recharge, Global Village ticketing, and even the Museum of the Future. These expertly crafted spoofs lure users into entering personal and financial information, leading to hefty losses. In fact, Khaleej Times pointed out that top methods of carrying out phishing attacks are KYC messages, ‘free money’ offers, undelivered parcels, and unusual email login activity.

[Image: estimated cost of cybercrime, as reported by The National]
Image Source: The National

Phishing emails have also become more prevalent in Dubai recently. These emails urge recipients to click on links to pay fictitious fines or service fees. Dubai Police have warned people about these scams and urged them to report any suspicious emails or messages. In this article, we will explore what happened in the UAE and how hackers scammed people out of large sums of money through phishing alone. The article also features the Threatcop Security Awareness Training (TSAT) solution to show how such attacks can be prevented by simulating them on users.

What Happened with the RTA Website? How Did Dubai Residents Lose Money?

The story unfolds through the experience of Mohammad Salman, who lost Dh1,051 attempting a simple Nol card recharge. The fake site, strikingly similar to the official RTA platform, tricked him into entering his details and confirming payment with an OTP. Only later did he discover the exorbitant sum stolen from his account.

Salman's story is not a lone incident. Social media is flooded with accounts of victims losing money to the same company behind this fake RTA site, Mono Direct FJ 1 in Ukraine. A tourist lost Dh6,000 buying a fake Museum of the Future ticket, while another lost over Dh1,000 trying to book Global Village tickets.

Obaidullah Kazmi, a cybersecurity expert, urges caution and vigilance. He recommends verifying a website's authenticity before sharing any information, checking URLs for discrepancies (government sites end in '.ae'), watching for poor grammar, and ensuring the connection is secure (HTTPS). Organizations also have a responsibility to take proactive measures against spoofed sites.
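A defender-side way to apply the URL checks above in code, as an added example that is not part of the article or of any Threatcop product. The official domains in BRAND_DOMAINS are assumptions for the example, and the '.ae' test is the heuristic the expert quotes, not proof of legitimacy.

```python
import re
from urllib.parse import urlsplit

# Brands the article reports being spoofed, mapped to the domains this example
# treats as official. The hostnames are assumptions for the example, not
# verified values from the article; replace them with your own allow-list.
BRAND_DOMAINS = {
    "rta": {"rta.ae"},
    "nol": {"rta.ae"},
    "globalvillage": {"globalvillage.ae"},
    "museumofthefuture": {"museumofthefuture.ae"},
}


def triage_url(url: str) -> list:
    """Return the red flags found for a URL; an empty list means no check fired.
    Checks: HTTPS, a .ae domain (the heuristic quoted in the article; a .ae
    domain alone proves nothing), and brand names that appear in the hostname
    while the registered domain is not the official one."""
    warnings = []
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = (parts.hostname or "").lower().rstrip(".")
    if parts.scheme != "https":
        warnings.append("not HTTPS")
    if not host.endswith(".ae"):
        warnings.append("not a .ae domain")
    # Registered domain approximated as the last two labels (no public-suffix
    # list here), so 'rta.ae.example.com' resolves to 'example.com'.
    labels = host.split(".")
    registered = ".".join(labels[-2:]) if len(labels) >= 2 else host
    # Hostname tokens split on dots and hyphens, so 'rta-nol-recharge.com'
    # yields 'rta' and 'nol' while 'smartapp.ae' does not match 'rta'.
    tokens = set(re.split(r"[^a-z0-9]+", host))
    for brand, official in BRAND_DOMAINS.items():
        if brand in tokens and registered not in official:
            warnings.append(
                f"mentions '{brand}' but is not an official domain "
                f"({', '.join(sorted(official))})"
            )
    return warnings


if __name__ == "__main__":
    # Constructed sample URLs following the pattern the article describes.
    for u in ["https://www.rta.ae/wps/portal/rta/ae/home",
              "http://rta-nol-recharge.com/pay",
              "https://rta.ae.example.com/"]:
        print(u, "->", triage_url(u) or ["no red flags"])
```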

The UAE faces a significant cybercrime threat, with 71 million attacks reported in 2023 alone. Authorities advise residents to never share OTPs or respond to demands for online payments, especially those claiming to be from government entities.

Also Check Out: How has Microsoft Impersonation Become a Major Concern for CISOs?

How Did Hackers Manipulate Search Engines Through Phishing Attacks?

A recent wave of phishing scams in Dubai has prompted warnings from local police and businesses. The scams involve fake websites that mimic popular online destinations, such as the city's travel card top-up site. These websites are often promoted through search engine manipulation, making them appear at the top of search results.

Search engine manipulation through phishing websites involves using deceptive tactics to make fake websites appear higher in search results, tricking users into clicking on them and potentially falling victim to phishing attacks. Here's how it works:

Manipulation Techniques

  • Keyword stuffing: Filling the website with relevant keywords related to popular searches, like "RTA ticket booking" or "Museum of the Future tickets," even if the content is fake or misleading.
  • Search ranking manipulation: Exploiting vulnerabilities in search engine algorithms to artificially inflate the website's ranking through techniques like hidden links or invisible text.
  • Cloaking: Showing legitimate content to search engines while presenting a different, malicious version to users who click on the link. This can also involve using HTTPS certificates to make the website appear secure.
  • Buying paid ads: Purchasing targeted ads on search engines that appear for relevant keywords, further increasing the visibility of the fake website.

Why Do Phishers Use This?

  • Increased reach: By appearing higher in search results, the fake website reaches a wider audience, increasing the chances of someone clicking on it.
  • Credibility boost: Ranking high in search results can lend a false sense of legitimacy to the website, making users more likely to trust it.
  • Targeting specific victims: By using relevant keywords, phishers can target specific groups of people they know are more likely to fall for their scams, like frequent travelers or online shoppers.

Impacts of This Manipulation

  • Financial losses: Victims of these phishing attacks may lose money, credit card information, or other sensitive data.
  • Identity theft: Hackers can use stolen information for identity theft, leading to serious financial and legal problems.
  • Reputation damage: Businesses can have their reputation damaged if their brand is used in phishing attacks.

Experts say that some of the recent Dubai-targeting scams display the hallmarks of watering-hole attacks. In these attacks, victims are lured to a fake website that resembles a real one. Once they enter their credentials, the scammers harvest them and use them to gain access to their accounts.

Also Read: Defending Against Social Engineering in the Middle East

The best defense against phishing scams is to be aware of how they work and to be careful about what information you share online. If you are unsure about the legitimacy of a website or email, do not click on any links or enter any personal information. Now, let us see how phishing simulation can help in defending against such attacks, using the exact cyber attack described above as the scenario.

Awareness is the Best Defense: Step-by-Step Insight on How to Simulate Phishing Attacks with TSAT

Threatcop Security Awareness Training (TSAT) is an innovative platform designed to make organizations and individuals aware of, and resilient against, the ever-evolving threat of cyberattacks. It goes beyond traditional training by simulating real-world cyberattacks, identifying vulnerabilities in employee behavior, and providing targeted education to improve security awareness. Imagine running dummy phishing campaigns to assess your employees' susceptibility to email scams, or simulating ransomware attacks to gauge their response protocol.

Check Out: Threatcop Security Awareness Training

Threatcop analyzes the results of these simulated attacks, allowing you to pinpoint knowledge gaps and tailor training programs to address specific weaknesses. This proactive approach equips your employees with the skills and knowledge to recognize and resist sophisticated cyber threats, ultimately making your organization a more resilient target. With features like interactive assessments, engaging awareness content, and advanced LMS (Learning Management System) capabilities, Threatcop Security Awareness Training provides a comprehensive solution for building a robust security culture within your organization.

Step 1: Login to Your Exclusive TSAT Portal & Prepare Campaign

As a TSAT user, you get a dashboard that gives you comprehensive analysis and insights into the threat level of your organization. The image below depicts the dashboard of one of our internal R&D team members.

[Image: TSAT Dashboard]

In the UAE phishing scam, the hackers imitated the Roads and Transport Authority (RTA) website. Residents use this website to manage their travel bookings and travel cards; the Nol card is used to pay for parking and travel. The hackers drafted a series of SMS messages and emails citing the need to make payments. Additionally, they developed a fake website and got it listed on Google, which also let users who were simply browsing reach it and make fraudulent transactions unknowingly.

Let us now create a campaign in TSAT to explore this in detail.

Step 2: Create Prerequisites for Phishing Simulation and Mimic the RTA Website for Authenticity

Considering the UAE phishing scam scenario, we need to develop email templates and a phishing website for RTA. For that, click on the Campaign Templates tab in the left-side panel of the dashboard, then click on the [Create Template] button.

[Image: Creating a Phishing Template in TSAT]

The next window lets you provide identifying details and general settings for the campaign for your internal team. Fill in the information as required. For example, we entered the following:

  • Name of the campaign: UAE Phishing Scam Simulation
  • Campaign Template Category: Travel
  • Language: English
  • Type of Simulation: Simulation Attack + Training (there are other options as well)
  • Attack Vector: Phishing

*** Tick the checkbox for credential harvesting.

[Image: Providing Identifiable Details for the Phishing Template in TSAT]

In the next step, you need to create an email template for the campaign.

Step 3: Draft Phishing Email Campaign using Import Option or AI

In this section, you can directly import the RTA email that a user might have received in their inbox by copying the original email header and pasting it into TSAT. Alternatively, you can use the AI-Generate feature to create email templates.

*** For convenience, the image below shows a sample template; it was deliberately left imperfect for privacy-policy and ethical reasons.

[Image: Phishing Email Created Using the AI Feature in TSAT]

Step 4: Create Phishing Site Using Import Site Option

Enter the URL and click the [Import Site] button to create a phishing landing page that collects the credentials of the target user.

[Image: Creating a Phishing Site/Landing Page for Credential Harvesting in TSAT]

Select all the checkboxes as shown below.

[Image: Selecting the Checkboxes for Credential Harvesting During a Phishing Simulation Campaign in TSAT]

Step 5: Select a Type of Training for Victims

In the next section, you get a series of awareness and training options to choose from. The image below shows a few of them; choose one that suits the campaign.

[Image: Choosing a Follow-Up Awareness Training for the Phishing Simulation Campaign in TSAT]

Step 6: Create an Attacker Profile for Authenticity

Obtain a domain for the simulation and create an email ID on it, then use that information to create the attacker profile.

[Image: Creating an Attacker Profile for the Phishing Simulation Campaign in TSAT]

Step 7: Preview and Ready for the Phishing Simulation Campaign

Upon clicking the Review button, you will see something like the image below.

[Image: Previewing the Phishing Simulation Campaign in TSAT]

Step 8: Create Phishing Campaign and Simulate on Target Employees

Click on the Create Template button in the right-hand corner as shown in the image above. A new section will then appear asking you to choose between New Campaign and Follow Up Campaign. In this scenario, we use New Campaign. Follow Up Campaign can be used for a series of phishing campaigns targeted at a specific audience, which corresponds to spear phishing.

[Image: Choosing the Type of Email Phishing Simulation Campaign in TSAT]

Step 9: Provide the Details for the Phishing Campaign

Fill in the Campaign Name and the target User Group. It will look something like the image below.

[Image: Launching the Phishing Simulation Campaign in TSAT]

Step 10: Click on Send Now Button or Schedule for Later

After going through all 10 steps, you will be able to run a phishing campaign using TSAT, educating target users about any type of attack that is prevalent in the industry or seems likely to occur.

Additionally, you can prepare your phishing simulation campaigns in advance and schedule them for any later time. This lets you plan a series of simulation campaigns along with the corresponding tailored awareness training.

Must Read: Benefits and Purpose of Security Awareness Training

The Future of Cybersecurity: Simulating Reality to Secure Your Reality

The recent surge in sophisticated phishing scams in Dubai paints a grim picture of cybercrime's growing complexity. While security awareness and caution remain crucial, reactive defense is no longer enough. Threatcop Security Awareness Training (TSAT) offers a proactive solution by simulating real-world attacks like the RTA website scam, exposing vulnerabilities, and tailoring training to address them. By taking the fight to the hackers through simulated exercises, TSAT empowers organizations and individuals to build a robust security culture and become resilient targets in the ever-evolving threat landscape.

Let's not wait for the next victim; let's turn the tables on hackers by mastering their tricks, one simulated attack at a time.
