Experts warn that major institutions have been cloned with such accuracy that even cybersecurity professionals are being fooled — a chilling reality we now face.
Cybersecurity experts have warned of a surge in newly registered domains containing keywords related to the ongoing Middle East conflict, highlighting that sophisticated cybercriminals have created over 8,000 fraudulent websites in the past month, aiming at both individuals and businesses.
“What’s particularly alarming is that over 200 fake domains have precisely impersonated a leading GCC oil company, several major Gulf banks, and government services, putting personal data, identities, and savings at risk,” Rayad Kamal Ayub, managing director of UAE-based Rayad Group, told Khaleej Times.
Ayub added, “The average GCC resident cannot tell these fake websites apart from legitimate ones — that’s the frightening reality we’re facing. Major institutions have been cloned so accurately that even cybersecurity professionals are being fooled. One wrong click, one credential entered on a fraudulent site, and life savings could disappear in minutes.”
Last week, the UAE Cyber Security Council urged individuals and organizations to stay vigilant against a wiper malware threat. The Council described it as one of the “most destructive types of malicious software,” designed to erase data and deliberately disrupt systems. It emphasized the need for robust cybersecurity practices to protect users and safeguard critical information.
Ayub commended the UAE authorities “for their exceptional cybersecurity vigilance and proactive approach to these threats.”
He added, “UAE cybersecurity agencies have successfully intercepted and neutralized over 1,200 malicious domains targeting Emiratis and businesses in just the past quarter. Their rapid response teams have helped prevent an estimated Dh450 million in potential fraud losses.”
He continued, “The UAE Cyber Security Council and relevant authorities have put in place world-class threat monitoring systems that can detect and disable fraudulent domains within hours of registration. This level of preparedness and technological sophistication in protecting citizens and businesses sets a benchmark for the entire region and shows what effective cybersecurity vigilance can achieve in preventing devastating attacks.”
‘Weaponised’ Domains
Ayub highlighted two sophisticated hacking networks:
- Impersonation of a major GCC oil company: Spurious websites were created to mimic the company, aiming to steal employee credentials and infiltrate critical infrastructure. Quoting Dr. Mohammed Al-Shehri, former director of industrial cybersecurity, Ayub said, “These fake portals harvest login credentials that give attackers access to internal systems and potentially networks controlling energy infrastructure.”
- Regional bank replicas: A regional bank faced 31 sophisticated fake websites using domains such as online.com, secure__.com, verify.net, mobile-__.com, corporate.com, and app.com. These fraudulent sites trick customers into entering credentials on what appears to be the bank’s official app or website. Within minutes, attackers can transfer the entire account balance and convert it into cryptocurrency, Ayub explained.
Digital Pickpocket
A former signals intelligence officer compared fake banking apps to digital pickpockets that read messages, capture passwords, and monitor every transaction, giving cybercriminals access to a person’s entire digital life.
“Hackers aren’t just after money. They can steal your identity, passport information, and family data,” warned a cybersecurity researcher at a leading GCC university. “Your stolen identity could even be used to commit crimes in your name.”
Important Recommendations
The UAE Cyber Security Council has repeatedly emphasized the importance of strong cybersecurity practices and offered the following guidance:
For individuals:
- Regularly update systems and software.
- Avoid suspicious links and untrusted files.
- Maintain regular backups of important data.
For organizations:
- Implement isolated backups and test them regularly.
- Restrict and manage access privileges.
- Strengthen security monitoring and incident response capabilities.
Ayub also stressed that “awareness and preparedness are essential to protecting data and reducing potential threats,” offering these additional precautions:
- Never click links in emails or texts claiming to be from your bank; access banking only through bookmarked websites or official apps.
- Verify unusual requests by calling known numbers, not through links.
- Never enter work credentials on sites accessed via email links. Confirm payment instructions through multiple out-of-band channels.
- Type government URLs manually and verify the correct domain.
- Educate elderly relatives and children, who are most vulnerable, and establish family verification protocols for financial requests.
- Monitor bank accounts daily for suspicious activity and report fraud immediately to authorities.
Ayub concluded: “Every person who follows these precautions builds the best defense. This is about protecting what matters most—financial security, personal identity, and family safety. Cybercriminals are counting on complacency and ignorance. Don’t give it to them.”
