"Dubai Police" Attracts a Wave of Mobile Attacks in the UAE

The Dubai Police are the latest organization to be impersonated by scammers in the United Arab Emirates (UAE), who are posing as the law enforcement agency and sending thousands of text messages to unwary cellphone users. BforeAI researchers noticed a recent increase in phishing attempts that use purported police messages to trick SMS recipients into clicking a malicious URL, either to respond to fictitious legal issues or to register with an "official" website. The URLs take victims to fake websites that collect private data, such as bank account information or personal identification numbers.

According to BforeAI, the campaign employs expertly designed lures with formal branding, indicating a considerable degree of sophistication. However, even though the lures are designed for UAE nationals, the phishing technique resembles a 'spray-and-pray' model in its broad reach. According to Abu Qureshi, lead for threat intelligence and mitigation at BforeAI, "the campaign targets individuals likely to respond to law enforcement-related communications, of which legitimate comms of this nature are not uncommon in the UAE targeting particularly those with a limited understanding of digital threats," Dark Reading reports.

"The most striking aspect of this campaign is the calculated misuse of Dubai Police branding to establish credibility and deceive victims," he states. "This demonstrates a sophisticated understanding of social engineering techniques and reliance on psychological manipulation, exploiting fear and trust in law enforcement which for citizens of the UAE is of utmost importance."


Cybercriminals Are Targeting the Middle East and UAE More Often

Cybercrime campaigns directed at businesses and people in Dubai and other UAE locations are notably on the rise. 87% of UAE businesses have experienced some kind of cyber incident in the last two years, according to a study released earlier this year by Kaspersky. "The UAE is a high-value target due to its affluent population, high Internet penetration, and reliance on digital services," Qureshi states. "Cybercriminals exploit these factors alongside vulnerabilities in newly adopted technologies."

He points out that the surge in cybercrime is part of a broader trend in which people and organizations are being targeted in various parts of the Middle East. "There's a focus on wealthy regions and individuals to maximize financial gain," he says. "There are also regional geopolitical interests and an increased focus on Middle Eastern entities due to economic and political dynamics."

According to Qureshi, the region has enthusiastically embraced digital transformation and IT modernization, and fraudsters are focusing on the vulnerabilities that result when cutting-edge technology is deployed quickly without sufficient safeguards.

Running a UAE Cybercrime Campaign From Singapore

To cycle quickly through many domains and host malicious web pages built for financial crime, the attackers behind the Dubai Police campaign appear to have used mass registration or an automated domain generation algorithm (DGA). Each domain is short-lived, which helps it evade detection. According to BforeAI researchers, the majority of those domains originated from Tencent servers located in Singapore. The researchers pointed out that the company's servers have previously hosted criminal activity such as spam, phishing, and botnets.

"Tencent, a Chinese-based technology giant, maintains a significant hub in Singapore, leveraging the city-state's strategic location and robust digital infrastructure," claims Qureshi. "Despite Singapore's strong cyber-resilience and rigorous policies to address malicious activity, its status as a global tech hub makes it a prime location for abuse of legitimate platforms by cybercriminals."

Qureshi goes on to say that the exploitation of trustworthy services may be the cause of malicious activity on Tencent servers. He says that "high-traffic servers can be abused to host or relay malicious content without the company's direct knowledge," and that jurisdictional complexity may also be involved: "It could be difficult for Singapore's police to coordinate with international organizations and distinguish between illegal and legal activities. Although Tencent's headquarters are in Singapore, they are a Chinese firm."

According to the study, two of the registrants were from India and Dubai itself, and they used suspicious names that suggested they belonged to a legitimate business. However, the cybercriminals have largely been able to maintain their anonymity. Tencent did not immediately respond to a request for comment.

How Middle Eastern Organizations Can Guard Against Cyber Fraud

Qureshi suggests that campaigns such as this should prompt changes in risk management for firms in the region. Although the phishing messages are distributed widely and aimed at individuals, in the era of the mobile office they can still affect businesses. Common-sense security hygiene includes double-checking the payment portal and the official Dubai government domain before beginning any payment, as well as looking for red flags such as a missing HTTPS protocol, broken links, out-of-place web designs, or suspicious phrasing or grammar.

Qureshi suggests that companies adopt a number of other actions to reduce their risk, such as:

Improved surveillance: Put in place reliable predictive phishing detection tools and keep an eye out for instances of branding abuse;

Awareness campaigns: Educate staff members on identifying and reporting phishing;

Cooperation: Address risks identified by law enforcement and CERTs;

Incident response: Create and evaluate plans for handling breaches brought on by phishing;

Reporting: When staff members receive phishing messages, report them to phishing reporting sites such as those of Etisalat and DU;

And constant watchfulness: Take a proactive approach to cybersecurity to safeguard consumer confidence and brand reputation.

Lastly, "this Dubai Police campaign highlights the globalized nature of cybercrime, where local targets are exploited using international infrastructure," says Qureshi. "The value of utilizing threat intelligence and collaborating across borders to keep ahead of changing tactics cannot be overstated."
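
The domain and HTTPS checks described above, and the brand-abuse monitoring Qureshi recommends, can be automated for messages that staff report. The following is an added example, not code from BforeAI or the original article; the allowlisted domain dubaipolice.gov.ae, the flag names, and the sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: allowlist maintained by the defender, not taken from the article.
OFFICIAL = ("dubaipolice.gov.ae",)
BRAND = "dubaipolice"
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
LEET = str.maketrans("0135", "oles")  # undo common digit-for-letter swaps


def is_official(host):
    """True only for the allowlisted host itself or one of its subdomains."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL)


def check_url(url):
    """Return the red flags found in one URL (an empty list means none)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    flags = []
    if parts.scheme.lower() != "https":
        flags.append("no_https")
    if parts.username is not None:  # text before '@' is not the real host
        flags.append("userinfo_in_url")
    if any(label.startswith("xn--") for label in host.split(".")):
        flags.append("punycode_label")
    if not is_official(host):
        squashed = re.sub(r"[^a-z0-9]", "", host).translate(LEET)
        flags.append("brand_lookalike" if BRAND in squashed else "unofficial_host")
    return flags


def triage_sms(text):
    """Map every URL found in an SMS body to its list of red flags."""
    urls = [u.rstrip(".,;)") for u in URL_RE.findall(text)]
    return {u: check_url(u) for u in urls}


# Constructed sample messages using reserved .example names, not real lures.
SAMPLES = [
    "Dubai Police: unpaid fine. Pay at http://dubai-p0lice.pay-fine.example/x.",
    "Dubai Police notice: https://dubaipolice.gov.ae.verify.example/case",
    "Confirm ID: https://dubaipolice.gov.ae@portal.example/login",
    "Service update: https://www.dubaipolice.gov.ae/",
]

if __name__ == "__main__":
    for sms in SAMPLES:
        for url, flags in triage_sms(sms).items():
            print("REVIEW " if flags else "OK     ", url, flags)
```

The check is meant for messages that claim to come from the police, so any host outside the allowlist is flagged for review even when it carries no brand string.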