Residents urged to enable multi-factor authentication to secure personal accounts against identity theft
The UAE Cyber Security Council has issued a warning regarding cyber risks associated with email fraud, emphasizing the importance of exercising caution toward deceptive or fake emails used by fraudsters to breach personal and professional accounts. Such attempts aim to steal financial data, which could expose individuals and institutions to hacking and data theft threats.
The Council informed the Emirates News Agency (WAM) that more than 75 percent of cyber breaches originate from phishing emails or fraudulent messages. These may contain malware intended to steal login credentials or facilitate identity theft. The Council warned of the severity of such messages and their potential consequences, noting the prevalence of this fraud, which capitalizes on a lack of awareness and improper digital behavior among some users.
The Council indicated that more than 3.4 billion phishing messages are dispatched daily, targeting large populations worldwide to acquire personal and financial data, as well as sensitive information that could be used for subsequent cyberattacks, extortion, or ransomware operations.
It stressed the necessity of protecting personal data, observing that several indicators can help detect phishing messages. These include requests for advance payments, pressuring recipients to act immediately, requesting personal data without valid justification, offering suspiciously attractive deals, or prompting users to log in via links from unknown sources.
Read more: UAE Cybersecurity Council warns of 40 percent rise in attacks targeting remote workers
Identifying common phishing indicators
The Council explained that messages containing spelling and grammatical errors are common indicators of phishing attempts designed to breach accounts and steal data.
It advised citizens and residents to adhere to specific guidelines for protection, including avoiding suspicious or unknown links, refraining from scanning QR codes in public or untrusted locations, and maintaining the confidentiality of personal information and login credentials.
The Council also emphasized the need to secure personal accounts—including email and social media—by enabling multi-factor authentication and consistently updating systems and applications. Additionally, it urged the immediate reporting of any fraudulent or suspicious messages to the relevant authorities without interacting with the senders.
It affirmed that the human element remains the most critical link in the cybersecurity framework, highlighting the importance of promptly reporting phishing attempts to security teams. Rapid reporting enables response teams to analyze threats and implement preventive measures, potentially averting serious security incidents.
The Council further noted that cyberspace safety has become a significant challenge, and that adherence to preventive measures and sound digital behavior supports ongoing government efforts to address challenges linked to rapid technological advancements.
