Thursday, November 21, 2024

Top 5 This Week

Related Posts

Counterfeit QR codes, fraud police officers: How UAE residents are conned by impostors

Several years ago, a majority of the fraud victims claimed that they had been financially defrauded after getting their credit cards stolen. Now, scammers are becoming more daring and using more elaborate techniques like the use of WhatsApp, Google Pay and Apple Pay platforms among others, to defraud people.

These fraudsters are taking advantage of those desperate enough to seek for a quick fix to their problems. For instance, Lina is a Filipina working in Dubai and she is currently undergoing chemo treatment. She borrowed Dh100,000 through a bank agent to cater for her treatment. Of course, when she was applying for the loan she provided all her contact details and other necessary information to the bank agent.

What came as a shock to her, she said in an interview with the media, was the next day she was called by a man who pretended to be a Dubai Police officer. “The caller was fully aware of the loan I had taken, including the amount, the bank which funded it, and the terms of repayment,” she said.

“I was told that the call was authentic as the caller wanted to confirm some details regarding an investigation into fraudulent practices related to my loan agreement,” Linta recounted.

“This incident has raised concerns on possible leakage of personal information belonging to the financial institutions,” as observed by Atty. Barney Almazar, a director at the corporate-commercial department of Gulf Law, is representing Linta.

Almazar told the media: “When I began helping victims of credit card fraud in Dubai over a decade ago, the majority of victims lost their physical cards and the fraudsters thereafter used them. Credit card fraud has come a long way and most if not all frauds are committed through platforms such as WhatsApp, Google Pay, and Apple Pay.”

Fake QR codes

Almazar said fraudsters manufacture fake QR (quick-response) code and share them with the members of the WhatsApp groups in order to lure the victims into scanning them with the thought that they will be paid once they take part in a identify verification exercise. Other members of the chat group who are an accomplice with the scammer will give a word of assurance about the QR code arguing that they received money before.

Fake customer service calls

Another victim – A.S. received the call where the fake employee identified himself as coming from a bank’s anti-fraud department. In the call, he succeeded in deceiving A.S on the fact that her account was hacked and that she needed to verify it. A.S. gave the OTP to the scammer allowing him/her to go through a mediante transaction on the internet.

Despite believing she had requested a refund from SnapChat, A.S. ended up loosing Dh45, 000 to the scammer gained access to her account.

Almazar said: “To a certain extent, many banks are satisfied with mere compliance, which means that while they abide by the rules, security threats are not actively fought. Compliance should be the minimum: the job is done when rules are met, but much more should be done without waiting for the rules to be changed.”

Apple Pay scams

These scammers during their operations often employ emerging technologies such as Intelligent Computing, and Artificial intelligence and machine learning. These tools help them to schedule their phishing attacks, build authentic-looking replicas of the sites that people frequent and target the victims better.

“Apple Pay, despite its robust security features, is not immune to fraud,” noted Almazar, adding: “Bogus money makers have discovered how to seize other opportunities and, once again, the focus is made on the user, not the machine.”

A victim experienced transaction fraud in just under two hours and was defrauded out of Dh89,000 through Apple Pay. He was told to click a link and this led him to a fake website address of a website that does not exist. Thinking it was the real Apple website he entered his Apple ID and password and to his surprise, lost his money.

SIM card cloning scams

Fraudsters are utilizing SIM card cloning to intercept OTPs, allowing them to receive codes meant for the victim’s phone. For example, a 58-year-old man in India lost his savings when scammers transferred his number to a new SIM card they controlled. This allowed them to receive his OTPs without his knowledge. When he realized his phone service was lost, the mobile provider confirmed his SIM had been cloned.

Why fraudsters are often a step ahead

Cyber security expert Irene Corpuz, founding partner and board member, of Women in Cybersecurity Middle East, said: “Scammers use ChatGPT or AI (artificial intelligence) to make sophisticated techniques, and that makes it more difficult for the individuals to identify what’s real from fake. Scam emails now are well written with the help of Grammarly or ChatGPT.”

Almazar added: “Fraudsters frequently use cutting-edge technology, including AI and machine learning, to craft sophisticated scams. These tools enable them to automate phishing attempts, create realistic fake websites, and target victims more effectively.”

Stay informed and proactive

Almazar and Corpuz shared the following guidance to avoid falling into fraudsters’ scams.
• Always verify callers claiming to be from your bank.
• Avoid long calls with suspicious callers. Don’t share sensitive info over the phone or email.
• Verify QR codes before scanning.
• Enable multi-factor authentication for all accounts and monitor statements.
• Stay informed about scams and attend cybersecurity training.
• Be cautious with unsolicited emails, use strong passwords, and enable two-factor authentication where possible.

Popular Articles