UAE Cybersecurity Council warns 60 per cent of financial attacks start with stolen credentials

The UAE Cybersecurity Council has confirmed that 60 per cent of financial cyberattacks start with stolen login credentials, warning that safe digital practices can reduce the risk of breaches by up to 40 per cent.

Advice: Activate instant alerts for every transaction

As part of its ongoing digital awareness campaigns, the Council advised the public to use banking applications equipped with multi-factor authentication (MFA), enable instant transaction alerts, and avoid accessing bank accounts through public devices.

It further cautioned that bank accounts remain a primary target for fraudsters, stressing that securing digital banking systems not only protects individual wealth but also safeguards the national economy.

“Stolen login credentials can lead to unauthorized transactions, major financial losses, and legal consequences for both individuals and businesses,” the Council stated. It highlighted that “breaches are invisible to the naked eye but can cost significantly, often resulting in unauthorized transactions and financial damages.” The Council urged users to protect their data through biometric logins and avoid using public networks.

The importance of biometric authentication

The Council emphasized the role of biometric authentication in protecting accounts against “silent breaches” and reducing fraudulent intrusions and financial losses. It noted that biometric verification offers stronger control and protection against identity theft, fingerprint cloning, or facial recognition fraud, while stressing the importance of not sharing passwords or biometric data.

It underscored that secure online banking is vital for protecting funds and sensitive data, especially as the UAE—being a global financial hub—remains committed to safeguarding its digital banking systems. Safe practices, it noted, protect individual wealth and strengthen national economic stability.

The Council further pointed out that the rapid pace of technological advancement has fueled a rise in cyberattacks and online fraud, which have become increasingly complex and diversified. These threats now exploit electronic services, smart applications, and digital platforms to lure victims through sophisticated methods that are often difficult to detect until after the crime occurs.

Artificial Intelligence adds to the challenge

The Council also warned that the rise of artificial intelligence (AI) tools in cyberspace has further complicated the fight against cybercrime. Addressing these threats now requires joint efforts from individuals and institutions, along with enhanced public awareness, to keep pace with the fast-evolving landscape of digital crime.

In an earlier advisory, the Council highlighted the serious risks associated with using unsecured, open, and free Wi-Fi networks. It revealed that more than 12,000 breaches through untrusted public Wi-Fi have been recorded in the UAE since the beginning of this year—accounting for nearly 35% of all cyberattacks in the country. This, it said, demonstrates how hackers and intruders increasingly exploit such networks as traps to steal passwords, banking details, and personal information.

As part of its “Cyber Pulse” initiative, the Council has launched a weekly awareness campaign. The theme of the campaign’s second week is: “Free Wi-Fi Could Expose Your Personal Data”, aimed at educating the public on how to protect their personal information.