عربي
 

Corporate Video       



Initiated by       

www.tra.gov.ae

Download aeCERT App

Member of

ISO 27001 : 2005 Certified
Information Security Management System

BS 25999 - 2 : 2007 Certified
Business Continuity Management Systems

 

Authorized to use CERT(TM) - CERT is a mark owned by Carnegie Mellon University

 

 

Beware! Your online bank account might be a target for cyber hackers

January 13, 2010

 

Cyber crime incidents are on the rise globally, in the UAE and as per a report by the Telecommunications Regulatory Authority prepared by the Authority’s Computer Emergency Response Team (aeCERT), in 2009 alone, the UAE IT infrastructure witnessed 51 cases of e-crime incidents. To bring more attention to this critical issue and its devastating effects on businesses and individuals alike, HE Mohammed Gheyath, Executive Director of Technology Development Affairs at TRA, participated in a paper highlighting the 2008/2009 major e-Crime incidents during the Crisis and Emergency Management Conference (CEMC) held this week in Abu Dhabi. The paper presented different aspects of cyber crime incidents that aeCERT has dealt with throughout 2008/2009 and types of such incidents targeting the UAE ICT infrastructure and threatening the very confidentiality of data and information stored electronically.

The paper also contained statistics on the number of these attacks, their destinations and frequency and finally provided some theoretical examples on the nature of such attacks and preventative measures to ensure avoid them from taking place. The types of cyber attacks were categorized as compromised accounts, where aeCERT was able to capture these accounts being used illegally, Email abuse which can be either spam, offensive or fake, the propagation of malware codes and finally the compromised websites either being in the form of defacement or phishing.

According to Gheyath, one of the most growing cyber attacks on a global scale last year included “Phishing Emails”. Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging. People receiving phishing emails will be asked to update their profiles including usernames and passwords by providing a link to the fake bank website. Once a user clicks on the link provided by the phishing email, he or she is directed to a website, much similar to their banks’ website, which from many cannot be detected as a fraud site. Once the information is updated by the user, hackers get immediate access to their online banking accounts.

Cyber hackers sending and using phishing emails relay mostly on deceiving the user. However banks using offering online banking and financial services are investing heavily in securing their ICT infrastructure to prevent hacking of any kind. It is, at this point, the awareness and knowledge of the average user to be always aware of attacked that target individuals with minimal knowledge of secure online transactions.

aeCERT receives many forwards from banks and online e-business providers of fraud and scam sites that threaten their business, they are always diligent and alert when it comes to protecting their brands and clients. aeCERT take immediate measures by block such fraud sites with the help of local ISPs and inform international organization such as Anti Working Phishing Group (APWG) of the incident. Gheyath shared aeCERT’s future plans to provide their constituents with new services to help minimize cybercrime incidents in the UAE. 

 
 
 
 
© 2010-2011 aeCERT. All rights reserved.