Phishers pose homegrown threat
Online banking customers are coming under pressure from local criminals, as security companies reveal phishing attacks originating from Saudi Arabia, Jordan, Morocco and Egypt.
Phishing attacks are getting closer to home here in the Middle East, with security experts warning that many are now originating within the region.
While previously attacks were from other areas, such as Russia and Eastern European countries, it now appears that crime syndicates have enlisted Arabic-speaking people to help tailor their attacks.
The region continues to be the focus of phishing activity, with Emirates Bank last month sending a warning to its customers that it was being targeted.
But it insisted that no customers lost money in this latest attack, claiming that a new security measure – which ensures new beneficiary details cannot be entered online – had protected them.
Other banks that have been targeted by phishers include HSBC, National Bank of Abu Dhabi and Mashreqbank.
Nader Haghighat, regional head of direct banking services, HSBC Bank Middle East, blamed lack of customer awareness and the increase on online banking for the rise in attacks.
“Phishing attacks against regional institutions have been on the rise due to the increasing number of customers banking on the internet, incomplete awareness about online security, and the fact that some consumers do not properly secure their computers,” he said.
Ivor Rankin, Symantec’s senior security consultant for the Middle East and North Africa (MENA) region, revealed that the vendor’s investigation teams have traced a number of phishing attacks back to perpetrators in the region.
Of the phishing attacks Symantec has investigated last year, one was traced back to the UAE, while “four or five” originated in Saudi Arabia. Symantec traced one attack back to Jordan last year, eight from Egypt and up to three phishing attacks a week originate from Morocco.
“The unique thing about the region is the Arabic language and therefore although there are a lot of crime syndicates operating in South East Asia and Eastern and Western Europe, increasingly we’re seeing that they need assistance and co-operation from people in country or region with good Arabic skills to be able to draft the e-mails and do all the grammatical checks,” Rankin said.
Abdullah Qassem, general manager for IT operations at Emirates Bank, said that the comparatively small number of customers who had responded to the latest attack proved most customers are able to recognise phishing activity.
However he stressed it was vital that customers were constantly reminded of what precautions to take and the signs to look out for.