Fraudsters stealing identity of unsuspecting users

Dubai: International fraudsters wishing to exploit internet users for purposes of identity theft are becoming savvy in targeting UAE residents, and etisalat subscribers have become the latest target.

Having familiarised themselves with UAE companies and their brands, Internet fraudsters known as "phishers", that pose as banks, credit card and phone companies to extract customers' personal information, have started to target UAE internet users.

Etisalat has recently sent its subscribers warning emails about attempts by phishers to target its subscribers. Fraudsters in this case had sent email to etisalat subscribers' eim.ae addresses masquerading as the telecom company in order to extract personal information.

Dr Fadi Aloul, Assistant Professor of Computer Engineering at the American University of Sharjah, said there is not enough awareness among UAE residents about the dangers of phishing, which is a cause for concern as attacks are on the rise.

Spreading awareness, he said, is the combined responsibility of private and government institutions including banks, telecoms operators and law enforcement authorities.

He added however that the UAE was the first Gulf Arab country to introduce "sufficient laws" to deal with such crimes, but questioned the awareness judges had in online crimes while adjudicating such cases.

Phishers targeting UAE residents is not a new phenomenon however. Ahmad Ali, a media executive, said he almost became a victim two years ago when he first moved to Dubai.

"I was looking for a car and saw a classifieds advertisement for a Nissan Pathfinder. The price was listed in UAE dirhams and was relatively cheap. I emailed the seller who said that I'd have to buy the car online," he said.

Ali discovered the phishing attempt when he received what appeared to be a payment request from online service PayPal.

"It looked real but had a payment link on a different site," he said. "It turned out that the seller was in Romania, but said he just moved there from the UAE. He knew everything about the country and even told me where he lived."

Help steps

Don't be fooled

How to avoid becoming a victim of phishing

If you receive an email claiming to be from your bank, phone company or from any company asking for personal information, take the following precautions:

- Check the email address it comes from:

Phishers trying to pose as a company are unlikely to send email from the company's official email address. For example, someone posing as Etisalat is likely to send the email from a non-etisalat account, such as free email services like yahoo or gmail.

- Check for external links:

Phishing emails often require you to click a link to make a payment or enter personal details. Check where these links take you. They are likely to be pages on third party web sites (not the company's domain) that are made to look like the company's web site

- Check phone numbers provided:

Phishers will include customer support phone numbers to appear legitimate. Check these numbers. If they are in countries the company is not known to have operations, it could be a case of phishing.

- A.A.L