Beware fraudsters when Eid shopping, security experts caution

Consumers should avoid purchasing from unauthorised resellers and clicking on links in fraudulent discount articles


Rohma Sadaqat


Retail and e-commerce tend to be the preferred targets for fraudsters during holidays - KT file

Published: Thu 28 Apr 2022, 5:56 PM

Last updated: Thu 28 Apr 2022, 6:12 PM

Scammers are pretty well versed in trending news topics, and festive events, such as Eid holiday sales, are popular periods of the year for both bargain seekers and online scammers, says Ashraf Koheil, director of Business Development in the Middle East, Africa and Turkey at Group-IB.

Scam actors usually create distributed networks of website clones of well-known brands long before the festive sales period even begins, he warned. Group-IB’s Digital Risk Protection team has detected an active Ramadan-themed scam campaign targeting users in the UAE and other Arabic-speaking countries. Experts identified a network of 60 interconnected scam pages using more than 20 well-known local telecommunications, retail, entertainment companies, and celebrities as bait.

“The fake pages created on a popular blogging service Blogspot promote fake giveaways on the occasion of the Holy Month of Ramadan,” Koheil explained. “In order to lure users to scam websites, the fraudsters sent bulk WhatsApp messages and used pop-up windows and Google Ads. The scammers’ goal is to steal personal data or attract traffic to other fraudulent websites that altogether, according to Group-IB’s estimates, attract around 5,000 visitors a day. The scheme is not new, but apparently is having a moment again.”

He cautioned online users to pay attention to the URL in their browsers. “They should also be wary of malfunctioning websites and long chains of redirection; the official website should work properly even during periods of high traffic. Consumers should also avoid purchasing from unauthorised resellers and clicking on links in fraudulent discount articles. Furthermore, customers are advised to utilise a separate payment card that is not linked to their primary bank account.”

Similarly, Saeed Ahmad, MD for the Middle East and North Africa at Callsign, stressed that fraud hides in volumes of transactions and that the Eid holidays present an ideal opportunity for fraudsters to take advantage of increased discounts and retail bonanzas.

“Consumers need to be more alert to heightened phishing activity, with fraudsters trying to trick them into handing over usernames and passwords via email and texts,” he said. “It has become more difficult to differentiate genuine messages from fraudulent ones, with fraudsters using the same channels banks and retailers use to authenticate genuine consumers. The advice to consumers is don’t click on any links in email or text messages.”

Retailers, on the other hand, should be on the alert to an increased use of bots bulk buying discounted goods to be sold on at a higher price at a later date, he said.

“Text messages in your name are harming your reputation and decreasing trust in your brand, you must find alternative ways to authenticate your customers,” he added. “We suggest that you look to layer signals about a user’s device, location and username and passwords with unique behavioural biometrics which can recognise genuine users with a simple swipe or type. This type of authentication prevents account takeovers and bots damaging your business.”

With the growing tendency of consumers to shift their shopping online, it shouldn’t come as too much of a surprise that these weekends have become one of the most lucrative periods of the year for cybercriminals, said Emad Fahmy, Systems Engineering Manager, Middle East, NETSCOUT.

“From a cybersecurity perspective, we’re observing Distributed Denial-of-Service (DDoS) and DDoS extortion attacks across the retail sector. DDoS is a malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. DDoS extortion attacks involve cybercriminals threatening organisations with a DDoS attack unless they pay an extortion demand,” he explained.

In its latest report, threat researchers at NETSCOUT found that cybercriminals continue to take advantage of our increased online interactions and transactions by launching a staggering 9.7 million DDoS attacks in 2021. Looking specifically at the retail sector, NETSCOUT observed over 108,000 DDoS attacks against electronic shopping and mail-order houses in 2021, causing concern ahead of the festive shopping season.

“DDoS attacks can lead to costly downtime and lasting reputational damage,” Fahmy said. “Online retailers should invest in a robust DDoS mitigation system to protect themselves, which would effectively eliminate the need to worry about public-facing services should they experience a DDoS attack. Sophisticated tools exist to defend the infrastructure in a worst-case scenario, which will limit the fallout for retailers.”


However, he also added that it is essential to test defense systems on a semi-regular basis to ensure that any adjustments made to the online infrastructure are reflected in the overall cyber risk mitigation strategy. “There must also be a fool-proof plan of action and a complete understanding of who to alert – from local regulatory bodies to critical stakeholders and security suppliers – should a cyber-attack such as a DDoS attack occur.”

Nader Baghdadi, senior regional director, Middle East Sales & Strategic Partnerships for ColorTokens, also agreed that retail and e-commerce tend to be the preferred targets for cybercriminals due to the large amounts of financial transactions and the sensitive nature of personally identifying information (PII) required for most transactions.

“Names, addresses, birthdates, and credit card numbers can fetch high prices on the Dark Web or - even better for ransomware groups - might result in desperate retailers paying huge ransoms to mitigate data breaches,” he said. “Ransomware and other advanced attacks are causing greater damage than ever before, and many of these attacks are the result of lateral movement inside the network after hackers have penetrated firewall defenses.”

This threat, he said, increases exponentially during festive seasons such as Eid, as shoppers flock to the markets, both online and offline, and vendors keep cybersecurity on the back burner to focus on customer service. Moreover, IT staff across enterprises is “skeletal”, thus making the job easier for cybercriminals.

“It is high time retailers shift their dependency from error-prone humans to micro-segmentation, identity-based segmentation, and auto-generated policies,” he said. “Autonomous Zero Trust security is the only way forward. Another way to improve cyber resilience is to train employees, vendors, and affiliates about security best practices. An informed workforce will be on its guard against phishing attacks and similar social engineering tactics used by attackers.”
