Bargains or bait? UAE Black Friday shoppers warned of digital dangers

The UAE’s rapid digital transformation makes it vulnerable to seasonal cyber threats

Read more...

By Ziad-Nasr

Published: Tue 19 Nov 2024, 9:24 PM

According to recent reports, URL detections in the UAE have risen by 36.5 per cent, increasing from an average of 17.05 per cent in 2023 to 23.34 per cent in 2024, highlighting growing online security challenges in the region. As the holiday shopping season begins, with too-good-to-be-true deals attracting eager shoppers, cybercriminals are ready to exploit this excitement — particularly during high-traffic days like Black Friday and Cyber Monday.

Beware of these scams

The UAE’s rapid digital transformation and its role as a global financial and innovation hub make it particularly vulnerable to seasonal cyber threats. The region faces a surge in online activity during peak shopping events like Black Friday, accompanied by increases in phishing, spam, and sophisticated scams. The “Phish n’ Ships” campaign, active since 2019, has infected thousands of legitimate online stores, by displaying fake product listings and redirecting customers to fraudulent sites where personal data and payment information are stolen. SEO techniques make these attacks appear legitimate in search results, deceiving even wary consumers.

Advertising
Advertising

Scammers are also ramping up fake coupon schemes, directing users to malicious links disguised as discounts. This tactic has contributed to the surge in fraudulent activities observed during Ramadan, where consumer spending in Saudi Arabia exceeded $16 billion, attracting cybercriminals and resulting in an estimated $70 to $100 million in financial losses. Account verification scams are also on the rise, with fake alerts pushing users to “confirm” suspicious login attempts via fraudulent links. Similarly, fake delivery notifications are exploiting the surge in shipping traffic, with an alarming rise in scams impersonating “Emirates Post” that lure consumers to malicious sites disguised as shipment trackers, deceiving them into sharing personal information and making unauthorized payments.

Prepare and stay one step ahead

1. Implement Multi-Factor Authentication (MFA) and Zero Trust Access (ZTA): These are security strategies that enhance protection by requiring multiple forms of user verification (MFA) and by continuously verifying each access attempt regardless of network location (ZTA). They add extra layers of protection, ensuring that even if attackers gain access to one credential, they cannot easily infiltrate the entire system.

Ziad-Nasr, General Manager of Acronis Middle East, Acronis

2. Use Multi-Layered Email Security with AI/ML: Advanced email security solutions that leverage AI and machine learning can detect and block phishing attempts by identifying suspicious patterns and behaviors in real-time.

3. Maintain Immutable Backups and Behavioral Analysis Tools: These tools protect against ransomware by creating tamper-proof backups and analyzing behavior to quickly identify unusual activities, enabling faster recovery after an attack.

4. Ensure Real-Time Data Monitoring and Incident Response Plans: Businesses should monitor data access continuously and establish a well-practiced incident response plan to quickly detect, respond to, and contain any security breaches.

5. Stay Proactive with Regular Security Audits and Employee Training: Regularly auditing security protocols and training employees on cybersecurity best practices, such as recognizing phishing scams, will help maintain awareness and preparedness against emerging threats.

As the UAE continues its rapid digital transformation, the country faces an increasing array of cyber threats, especially during peak shopping periods like Black Friday and Cyber Monday. From sophisticated phishing campaigns to targeted attacks on critical infrastructure, businesses and consumers alike are vulnerable to evolving tactics used by cybercriminals. Implementing robust security measures can help mitigate these risks. With a proactive approach that includes vigilance, employee training, and comprehensive incident response plans, both organizations and individuals can better protect themselves against these seasonal and year-round cyber threats.

Ziad-Nasr

Published: Tue 19 Nov 2024, 9:24 PM

Recommended for you