UAE Cybersecurity Council warns public against rising phishing scams

Abu Dhabi: The UAE Government’s Cybersecurity Council has warned of the spread of common fraudulent messages targeting individuals, urging the public to remain vigilant and refrain from interacting with any suspicious messages received via mobile phones or messaging applications.

In a statement posted on its official social media accounts, the Council highlighted some of the most prevalent scam messages, including: “You’ve won!”, “You have a refund”, “Verify your bank account”, messages appearing to come from the user’s own phone number, as well as low-interest credit card offers. The Council stressed that such tactics are carefully crafted to appear convincing and are often delivered at unexpected times to prompt recipients to click quickly or share personal information.

It explained that fraudulent messages are designed to steal sensitive information such as bank account details and passwords or to install malicious software on smart devices, potentially exposing users to significant financial losses and serious cyber risks.

Think before you click

The Council emphasised that awareness represents the first line of defense against such threats, calling on individuals to think before clicking and to avoid sharing any personal or financial information through untrusted links. It also underscored the importance of reporting suspicious messages through officially approved channels.

The Cybersecurity Council reaffirmed the need to adhere to digital safety guidelines and protect personal data, contributing to stronger cybersecurity and a safer digital environment for all, under the slogan: “Think before you click… and stay cyber safe.”

It further warned against scam messages also known as phishing or SMS fraud which deceive recipients into providing personal information to fraudsters posing as well-known companies, institutions, or even family members.

How to identify fraudulent messages

The Council noted that such messages often create a sense of urgency, appear too good to be true, or originate from unknown numbers, stressing the importance of pausing, thinking, and verifying before taking any action.

It explained that indicators of scam messages include urgent requests, offers that seem unrealistically attractive, messages from unfamiliar numbers, or a lack of personalization. The Council advised against responding to fraudulent messages, urged users to block the sender’s number, avoid clicking on embedded links, download applications that block spam messages, and delete untrusted messages immediately.

The Cybersecurity Council also revealed that fraudulent messages increased by 35% over the past year, reiterating the importance of not engaging with such messages, blocking them, deleting them, and reporting them.

Five ways to detect digital fraud

The UAE Government’s Cybersecurity Council also warned against fraud driven by artificial intelligence, calling for the adoption of five key measures to detect it. These include pausing and assessing the situation, avoiding clicking or replying, reviewing message details carefully, looking for spelling or language errors given that more than 90% of breaches begin with a phishing message verifying information through reliable secondary channels from official sources, enabling two-factor authentication, and activating antivirus software.

Through its social media platforms, the Council stressed the importance of remaining alert to AI-enabled fraud attempts, urging the public to follow these five steps to identify threats, activate authentication measures, and strengthen digital security.

AI-driven fraud… The decision lies with the user

The Council clarified that the final decision lies with the user, warning of AI technologies exploited by fraudsters for deception and manipulation. Such techniques are designed to quickly build trust and pressure individuals into making unsafe decisions, such as transferring money or sharing sensitive information. It urged users to scrutinize, question, and protect their personal data.

The Council also called for stronger data protection practices, including carefully reading consent terms, paying attention to warning signs such as excessive data collection, adjusting privacy settings by limiting permissions and disabling unnecessary tracking, avoiding logging in through social media accounts in favor of email-based accounts, exercising caution when using free services, verifying what data is collected before registration, and regularly reviewing and deleting stored data to maintain control over personal information. It concluded by stressing the importance of vigilance, awareness, and protection.