Dh1 scam: UAE firm sales 'crash by 90%' after fraudsters use logo to dupe buyers out of up to Dh100,000
Scammers who allegedly used company branding to defraud customers have caused a UAE-based firm to experience major financial losses along with substantial reputation damage according to its CEO.
Our sales began to decline when people became targets of scams. Our order volume has plummeted by as much as 90 per cent during the last few months. Shehroze Ramay, CEO of Simply The Great Food, explained that he was evaluating a temporary shutdown to manage the company's financial losses.
The scam first came to Shehroze's attention through social media advertisements about eight months ago. The scammers duplicated A2 Desi Ghee product logos and images to advertise a Dh1 offer. Fake websites that mimicked Simply The Great Food appeared together with sponsored ads across Facebook, TikTok, and Instagram platforms. Paid campaigns led by the fraudsters encouraged potential victims to take a survey and buy the product for Dh1.
The company faces difficulties with financial liquidity and customer trust according to Shehroze. Our business operates as a home-grown entity which requires daily sales transactions to compensate local farmers and workers for their labor. Hearing numerous customers report their lost savings takes an emotional and mental toll on us.
Victims of the scam
A taxi driver named Mr Majid reached out to Shehroze after he was scammed. Mr Majid, a taxi driver who became a scam victim, lost Dh1,200 which he had put aside for his upcoming wedding trip to Pakistan.
A woman who had saved money for her Dubai property deposit lost Dh100,000 because of a scam. The woman approached the police with a complaint to try to get back her savings meant for buying her dream house.
Dubai resident Dharmesh Bhardwaj became a scam victim after spending Dh18,000 to claim a Dh1 bottle of pure ghee offer. Dinesh Kumar who has lived in the UAE for 16 years became a victim when he lost Dh5,030.
Same scam tactics
The scam methods used on these victims show the same patterns across all cases. Dinesh explained his experience with the fraudulent deal to us.
While browsing through Facebook I came across an advertisement for ghee (clarified butter) from Simply The Great Food. After clicking the order link I was redirected to another website platform. The survey asked me to provide responses to several harmless questions.
The subsequent action required me to provide my payment card information. Following this sequence of events I got an OTP from my bank. The transaction failed to complete because an error message showed up on the website after which I shut it down.
Dinesh received a notification that his card declined a transaction worth Dh14,980 because he reached his credit limit. A subsequent message informed him about a completed purchase totaling Dh5,030. I did not receive an OTP request for this transaction because my card had been added to Apple Pay earlier that morning. Luckily I had put a transaction limit on my card.
Dinesh blocked his cards and right away called the bank to report fraud. He asked the bank to refund the amount but they refused. Following numerous emails and visits to the bank the institution agreed to refund 25 percent or Dh1,275 as a goodwill gesture.
The bank provided no support to Binsy and Nageena after they lost their money. During October 2024 Nageena tried to purchase ghee using the Dh1 deal. At midnight she received a notification about a Dh1,500 transaction processed through her card.
The bank concluded their investigation by stating the payment was authorised and they were unable to provide further assistance. How did the bank authorise this payment when I never linked my card to Apple Pay? questioned the 40-year-old long-time UAE resident.
Sophisticated financial malware
Cybercriminals now use artificial intelligence (AI) and machine learning (ML) technology to spread malware targeting payment applications including Apple Pay, WhatsApp, and Google Pay.
Rayad Kamal Ayub from Dubai who leads Rayad Group described PixPirate as advanced financial malware that employs multiple anti-research strategies. PixPirate malware functions by utilizing two malicious applications: one for downloading other malware and one for dropping the downloaded files. Once installed, it can:
-
Manipulate and control other applications
-
Log keystrokes
-
The device should provide a list of all its currently installed applications.
-
Instal and remove apps
-
Access contacts, calls, and location
-
Read, edit and delete SMS messages
-
Bypass security measures like Google Play Protect
-
Anti-virtual machine (VM) and anti-debug capabilities
Through its monitoring activities PixPirate manages to acquire victim's online banking credentials. The malware attacks accounts that can circumvent two-factor authentication according to Rayad which presents a substantial risk to mobile security.
Alerting consumers
The UAE authorities managed to eliminate several fraudulent websites that copied Shehroze's brand but he noted that these fraudulent activities continue to persist. Fraudsters establish new websites every time authorities close one URL.
Shehroze with his team has been informing buyers and devoted customers about the fraudulent activity. The team has joined multiple social groups to share information and protect others from falling victim to the scam. Our pages now host warnings that explain the tactics used by scammers.
Authorities noted that these scams frequently target major brands such as KFC and Al Baik. However, we are not big. Over eight years since its inception my business has demanded significant blood, sweat and tears to establish its strong reputation. The scam has harmed his business's reputation according to his statement.
Comments