PHOTO
Kaspersky experts warn against a recent scam campaign, crafting phishing pages disguised as the Dubai Government application, Digital Dubai Authority. The scam works by simulating familiar repayment sites, such as DubaiPay and Salik, for victims to enter their financial information in to.
With the campaign starting in April, Kaspersky researchers found over 240 phishing pages of this kind till date. Distributed via email, messenger or sms containing a fraudulent URL, the phishing page opens and lures people in to sharing payment information. Paired with the option to provide a fake charitable donation, scammers are able to exploit the well-respected image of Digital Dubai Authority which leverages emerging technologies to provide ease of payment to its citizens. The scammers use seemingly realistic payment and recharge portals, allowing them direct access to monetary gain. In addition, once credit card information is submitted, scammers are also provided with valuable financial data that can be used for other, illegitimate transactions.
“This is a classic example of cybercriminals feigning authority. Unfortunately, it can be difficult to tell apart such instances from legitimate pages. In this specific case, we notice criminals pretending to be Digital Dubai Authority to lure victims in a convincing disguise. Scammers will often impersonate well-respected entities in order to socially engineer people into giving up sensitive information or trick them into fraudulent payments; the goal is to make attacks as realistic as possible.” comments Maher Yamout, Lead Security Researcher for META at Kaspersky.
To avoid falling victim to similar phishing campaigns, Kaspersky recommends to:
- Always double check the URL and email, watching out for mistakes from these sources.
- Employ common sense before handing over sensitive details, especially before making payments online. When you get an alert from a major institution, open your browser window and type the address directly into the URL field to verify the site.
- Only use the trusted websites when sharing financial information and making payments virtually. For any government-related financial transactions, ensure you use official sources. In this case, conduct your financial transactions through the official Digital Dubai Authority website.
- Use a reliable security solution, such as Kaspersky Premium, for solid protection against a wide range of threats, including phishing threats.
About Kaspersky
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 220,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.