Cybercriminals are increasingly combining information from multiple sources to create highly personalised attacks.
When Abu Dhabi resident Rody Nasr received a call that appeared to be from the US Embassy in Lebanon, he had little reason to be suspicious. The caller spoke with an American accent and claimed that authorities had uncovered a money-laundering case linked to his identity. Nasr quickly searched the number online. “It appeared that this is the embassy’s number,” he recalled.
What made him even more concerned was when the caller mentioned a passport that had been stolen years earlier while he was travelling in Greece. “So that’s why I got concerned,” said Nasr, a 40-year-old engineer and project manager who has lived in Abu Dhabi for the past decade.
The callers told Nasr that his identity had come up in an investigation involving suspicious financial transactions and suggested that his previously stolen passport may have been misused by others. They even provided a case number and instructed him to contact what they claimed was the UAE Embassy in Washington, since he is a UAE resident.
The conversation later escalated, shifting towards the need to appoint a lawyer to clear his name—before eventually leading to a request for him to transfer money for legal fees.
When Abu Dhabi resident Rody Nasr received a call that appeared to be from the US Embassy in Lebanon, he had little reason to be suspicious. The caller spoke in an American accent and claimed that authorities had uncovered a money-laundering case linked to his identity. Nasr quickly searched the number online. “It appeared that this is the embassy’s number,” he recalled.
What made the situation more convincing was when the caller referenced a passport that had been stolen years earlier while he was travelling in Greece. “So that’s why I got concerned,” said Nasr, a 40-year-old engineer and project manager who has lived in Abu Dhabi for the past decade.
The callers told Nasr that his identity had surfaced in an investigation involving suspicious transactions and suggested that his stolen passport may have been misused. They provided a case number and instructed him to contact what they claimed was the UAE Embassy in Washington, as he is a UAE resident.
The conversation later escalated, shifting towards the need to appoint a lawyer to clear his name—before eventually requesting money for legal assistance.
“They asked me about the case number,” Nasr said. “Then he called me by name and revealed some personal information about me.” The callers also claimed that a stay order had been issued and urged him to appoint a lawyer to resolve the matter. However, alarm bells rang when they asked for his passport details.
“I told them, ‘You should already have my passport details if you know everything,’” said the Lebanese expat. After ending the call, he independently contacted the US Embassy in Beirut using the same number that had appeared on his phone.
“He said, ‘Yes, this is a scam. You’re not the first person. They’re using our embassy’s number,’” Nasr recalled.
Evolving fraud tactics
Cybersecurity experts say the case highlights the growing sophistication of modern fraud schemes, where criminals combine technology with extensive research on their targets.
Dr Claude Fachkha, cybercrime expert and associate professor at the University of Dubai, said these operations are highly structured rather than opportunistic.
“They are very organised,” he said. “There is a team that collects data, another that codes, another that handles communication, and another that manages money transfers. It’s not random at all.”
He explained that cybercriminals increasingly combine data from multiple sources to craft highly personalised attacks.
“They know you and your background, and they conduct research across multiple datasets to gather information about you,” he said.
According to Fachkha, criminals often exploit data from past applications, breached databases, travel documents, and publicly available online information.
“They use this information to extract money from victims,” he said. “It allows them to build more customised attacks.”
Caller ID spoofing
Fachkha warned that cybercrime networks increasingly operate like structured businesses. “This is not a company; there are many people involved,” he said, describing specialised roles within these groups.
Dr Mehak Khurana, assistant professor at Canadian University Dubai, clarified that official numbers are not necessarily hacked.
“They are not actually hacking the real numbers,” she said. “They are using technology to spoof caller IDs.”
Caller ID spoofing allows scammers to manipulate the number displayed on a recipient’s phone, making it appear as though the call is coming from trusted institutions such as embassies, police, or banks.
“The first thing that happens is it feels legitimate,” Khurana said.
Compromised data
Experts also point to the widespread availability of personal data online as a key factor in making such scams more convincing.
“We are very active on social media, professional platforms, and search engines,” Khurana said. “It makes reconnaissance very easy for attackers.”
She added that fraudsters often rely on compromised websites and leaked datasets circulating on underground marketplaces.
“What attackers do is identify breached databases and exploit that information,” she said.
This data can include email addresses, phone numbers, and other personal details that are later used to construct convincing scam narratives.
Experts say psychological manipulation is central to these operations.
“They project authority,” Fachkha said. “People become afraid.”
Khurana agreed, noting that fear and urgency often push victims to act without verification.
“They create panic,” she said. “People think they might lose their residency, their job, or face legal consequences.”
She added that scammers are evolving beyond simple requests for one-time passwords.
“Now they use different tactics,” she said. “They ask for personal details or request installation of applications.”
In some cases, victims are persuaded to install remote-access software, giving scammers indirect control over devices and sensitive information.
“Call and verify”
While telecom companies and cybersecurity systems continue to improve detection tools, experts say public awareness remains the strongest defence.
“People should not believe anything over the phone,” Fachkha said. “Calm down, verify independently, and do your own checks. Call and confirm.”
Rather than trusting numbers or links provided during calls, residents are advised to contact organisations directly through official channels.
Khurana emphasised that legitimate government bodies never request sensitive information over the phone.
“They will never ask for OTPs or banking details,” she said.
Fachkha warned that cybercriminals are becoming increasingly determined.
“If someone really wants to reach your data, they will try multiple methods,” he said. “It’s often just a matter of time.”
Looking back, Nasr believes questioning inconsistencies in the callers’ story helped him avoid becoming a victim.
“At first, it seemed very legitimate,” he said. “But this kind of social engineering was new to me.”
As scams grow more sophisticated, experts warn that simply ignoring unknown calls is no longer enough. The number may look official, the voice convincing, and the details accurate—precisely what makes these attacks so effective.
