cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Scammers take advantage of Ramadan as online transactions spike

Fraud and scam activity targeting those celebrating Ramadan and Eid Fitr have already cost consumers up to US$100 million.

user icon David Hollingworth
Mon, 25 Mar 2024
Scammers take advantage of Ramadan as online transactions spike
expand image

As the Muslim faithful celebrate the holy period of Ramadan and Eid Fitr, scammers are taking advantage of a boost in online retail sales to make tens of millions of dollars.

According to researchers at Resecurity, a group known as the Smishing Triad is largely responsible for many of the scam campaigns. The group has previously targeted consumers in the United Arab Emirates, the US, the UK, and in Europe, but it has recently switched its focus to the Kingdom of Saudi Arabia, which has recorded a US$16 billion boom in spending for the period.

“This spike in e-commerce activity has, unfortunately, drawn the attention of cyber criminals who exploit these platforms to execute scams, leading to substantial financial repercussions for both consumers and businesses,” Resecurity said in a blog post.


“The estimated total financial impact of these activities ranges between $70 and $100 million, accounting for frauds perpetrated against expatriates, residents, and foreign visitors.”

The scams cover a wide range of tactics, from fake charities to romance scams. Resecurity noted a particular rise in scammers impersonating logistics companies, such as Aramex and Zajil Express. Most people with a mobile phone will be aware of these kinds of scams, where the criminals pose as a delivery company, claiming to have been unable to deliver a package, and that a payment or similar transaction is required to release it.

The scams use branding that appears legitimate and even entire fake websites. To make these scams seem even more authentic, the threat actors use personal details from other data breaches to personalise their messages.

When a victim does decide to pay, they are directed to more fake sites, in this case, ones pretending to belong to legitimate banks.

“In addition to seeking cardholder information like the credit card number, CVV, and expiration date, cyber criminals also target victims’ online banking account passwords,” Resecurity said.

“Gaining access to this range of information opens up multiple avenues for fraud, ranging from unauthorised credit card charges to more severe cases of online banking fraud and identity theft.”

Another campaign recreated the websites of bill payment platforms and even a recruitment system. In these cases, the criminals used a “multi-stage phishing kit” to circumvent one-time passwords and two-factor authentication protection.

One particularly malicious campaign had the aim of recruiting money mules for the threat actors. This one used the cover of a legitimate temporary work program, recruiting people to inadvertently move criminal proceeds.

Resecurity’s recommendations are what you might expect.

“Cyber criminals are aggressively exploiting platforms such as Sadad, Musaned, Ajeer, Ejar, and well-known logistics services to deceive internet users and draw them into different scams,” Resecurity said.

“It is strongly advised to refrain from sharing personal and payment information on questionable sites or with individuals posing as bank or government employees.”

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.