Bargains or bait? UAE Black Friday shoppers warned of digital dangers

According to recent reports, URL detections in the UAE have risen by 36.5 per cent, increasing from an average of 17.05 per cent in 2023 to 23.34 per cent in 2024, highlighting growing online security challenges in the region. As the holiday shopping season begins, with too-good-to-be-true deals attracting eager shoppers, cybercriminals are ready to exploit this excitement — particularly during high-traffic days like Black Friday and Cyber Monday.

Beware of these scams

The UAE’s rapid digital transformation and its role as a global financial and innovation hub make it particularly vulnerable to seasonal cyber threats. The region faces a surge in online activity during peak shopping events like Black Friday, accompanied by increases in phishing, spam, and sophisticated scams. The “Phish n’ Ships” campaign, active since 2019, has infected thousands of legitimate online stores, by displaying fake product listings and redirecting customers to fraudulent sites where personal data and payment information are stolen. SEO techniques make these attacks appear legitimate in search results, deceiving even wary consumers.

Scammers are also ramping up fake coupon schemes, directing users to malicious links disguised as discounts. This tactic has contributed to the surge in fraudulent activities observed during Ramadan, where consumer spending in Saudi Arabia exceeded $16 billion, attracting cybercriminals and resulting in an estimated $70 to $100 million in financial losses. Account verification scams are also on the rise, with fake alerts pushing users to “confirm” suspicious login attempts via fraudulent links. Similarly, fake delivery notifications are exploiting the surge in shipping traffic, with an alarming rise in scams impersonating “Emirates Post” that lure consumers to malicious sites disguised as shipment trackers, deceiving them into sharing personal information and making unauthorized payments.

Prepare and stay one step ahead

1. Implement Multi-Factor Authentication (MFA) and Zero Trust Access (ZTA): These are security strategies that enhance protection by requiring multiple forms of user verification (MFA) and by continuously verifying each access attempt regardless of network location (ZTA). They add extra layers of protection, ensuring that even if attackers gain access to one credential, they cannot easily infiltrate the entire system.

As the UAE continues its rapid digital transformation, the country faces an increasing array of cyber threats, especially during peak shopping periods like Black Friday and Cyber Monday. From sophisticated phishing campaigns to targeted attacks on critical infrastructure, businesses and consumers alike are vulnerable to evolving tactics used by cybercriminals. Implementing robust security measures can help mitigate these risks. With a proactive approach that includes vigilance, employee training, and comprehensive incident response plans, both organizations and individuals can better protect themselves against these seasonal and year-round cyber threats.