News

Home News Entertainment News

Got UAE Pass OTP request? Fraudsters pose as officials to bully victims for info

UAE Pass OTP scam
UAE Pass OTP scam

The Telecommunications and Digital Government Regulatory Authority (TDRA) has confirmed that the UAE Pass app is secure, but scammers continue to exploit it through sophisticated tactics to deceive residents. Posing as officials from the police, Ministry of Interior, or banks, these fraudsters aim to trick individuals into authorizing UAE Pass requests, leading to personal and financial losses.

Rising Vishing Scams

The latest wave of vishing (voice phishing) scams has targeted UAE residents, with fraudsters impersonating authorities to extract sensitive information. A recent WhatsApp poll conducted by Khaleej Times revealed that over 8,300 individuals received calls or emails from scammers pretending to be UAE officials. Many victims have shared their distressing experiences, underscoring the need for heightened vigilance.

Brejesh Rajan's Ordeal

Dubai resident Brejesh Rajan experienced a vishing attack that left him bewildered. An Indian expat, Rajan had submitted his Emirates ID (EID) for renewal and received a call on May 13 from a woman claiming to be from the UAE ICP. She had all his official details, including his ID number and expiry date, and convinced him that the information was needed to protect against scammers. Rajan received codes from his UAE Pass app and followed instructions to authorize them, unwittingly granting the fraudsters access to his app.

The scammers sent three emails from what appeared to be the ICP's gov.ae domain, further convincing Rajan that the process was legitimate. After providing his bank details and card number, he received a debit request and an OTP. When asked for his CVV number and the OTP, Rajan became suspicious and refused to comply. The caller then became aggressive and threatened him, but Rajan stood his ground, ultimately blocking his UAE Pass and reinstalling the app using his biometrics.

High-Pressure Tactics

Scammers often use aggressive tactics to pressure their victims. Dubai resident Ann Mel recounted a similar incident where an unknown caller brusquely demanded her Emirates ID verification. When Mel questioned the need, the caller yelled, trying to intimidate her into compliance. Mel realized it was a scam and ended the call. These high-pressure tactics are designed to scare individuals into quick decisions, preventing them from recognizing red flags such as calls from mobile numbers instead of official sources.

Social Media Awareness

Many residents have turned to social media to share their experiences and warn others. Dubai resident Muhammed, who did not want to disclose his full name, recounted how he received a suspicious call from someone claiming to be from the Ministry of Interior. The caller asked him to confirm an OTP on the app, but Muhammed hung up, recognizing the scam. Similar posts on social media have helped raise awareness and protect potential victims.

UAE Pass Security

Despite the increasing number of scam attempts, the TDRA has assured the public of the UAE Pass platform's high-security standards. The authority emphasizes the importance of caution when receiving OTPs, notifications, or login requests linked to UAE Pass. Users are urged not to share these details and to verify any requests meticulously to avoid falling victim to fraud.

How Fraudsters Operate

Rayad Kamal Ayub, managing director at technology firm Rayad Group, explained that fraudsters can access personal information from the dark web with little effort. They use data leaks or hacks to compile identity details and employ pirated software to track victims' activities and steal credentials. By triggering UAE Pass requests and sending fake emails from cloned domains, scammers manipulate victims into sharing sensitive information.

Cybersecurity Expert Insights

Khalifa bin Huwaidan Al Ketbi, Chairman of CAWCAB LLC, highlighted that fraudsters often use credential-stealing malware embedded in widely used apps. They can trigger OTP requests by entering a victim's mobile number into a UAE Pass-linked app. If the victim shares the OTP, the scammer gains access. Ayub added that some fraudsters use SEO and mobile ads to deceive victims. Governments should collaborate with digital advertising companies to prevent financial fraud.

Staying Safe

To protect against scams, cybersecurity experts recommend several precautions:

  1. Avoid installing software from unknown sources and remove unnecessary apps.
  2. Be wary of calls from unknown numbers and phishing emails.
  3. Follow digital security practices, such as updating passwords, enabling two-factor authentication, and being cautious of suspicious messages.
  4. If you share an OTP, contact the service provider immediately to secure your account.
  5. Stay informed about government advisories on cybersecurity threats.

By following these guidelines, residents can better protect themselves from sophisticated scams and minimize the risk of personal and financial losses.

By: Sahiba Suri

Related Articles

UAE sugar tax: Highly sweetened drinks

Dubai Fitness Challenge: Free events,

Dubai: Gold prices fall by up to Dh10;

Why UAE National Day is now called Eid

Diwali gold buying ends in losses: UAE

Comments