CSC Warns against the dangers associated with email fraud

More than 75% of cyber-attacks begin with a phishing email

As part of the weekly awareness campaign of the "Cyber Pulse" initiative launched by the Cybersecurity Council (CSC), the Council warned in its weekly awareness message against the dangers associated with email fraud. It emphasized the need to be cautious of deceptive or falsified emails used by fraudsters to infiltrate individuals’ electronic accounts, including personal accounts, and to compromise financial data. Such breaches may expose both individuals and institutions to risks of cyberattacks and data theft.

CSC highlighted that more than 75% of cyber-attacks begin with a phishing email or a deceptive message. Which may contain malicious software, aim to steal login credentials, or serve as a prelude to identity theft. The Council warned of the serious consequences of phishing emails, noting their widespread use in exploiting gaps in digital literacy and proper online behavior among some individuals. It further pointed out that more than 3.4 billion phishing emails are sent daily, targeting vast numbers of individuals to obtain their personal and financial data, as well as sensitive or critical information, which is later used to build cyberattacks or extortion schemes.

The weekly awareness message stressed the importance of focusing on data protection and being vigilant against fake or suspicious emails. It noted that there are several distinctive signs that can help identify such emails and secure email accounts by avoiding clicking on them. Among the most prominent indicators are emails requesting advance payments, pressuring recipients to take immediate action without reflection, asking for personal data without a clear purpose, offering deals that are too good to be true, or directing users to log in through unfamiliar links.

The Council also warned against emails containing numerous spelling and grammatical errors, noting that such characteristics are strong indicators of phishing attempts designed to compromise accounts and steal data.

CSC also provided a set of recommendations for individuals and users, both citizens and residents, to protect themselves from fake links and fraudulent emails. Key recommendations included avoiding clicking on suspicious or unknown links, refraining from scanning QR codes in public or untrusted places, safeguarding personal information and login credentials, and never disclosing such data to strangers or untrusted parties. The Council also emphasized the need to secure personal accounts, whether email or social media, which may contain sensitive personal or financial information. It advised enabling multi-factor authentication, regularly installing automatic updates, and immediately reporting any fraudulent or suspicious emails without interacting with them or their senders, while notifying authorities to take necessary action.

The weekly "Cyber Pulse" campaign reiterated that the human element remains the most critical link in the cybersecurity chain. It stressed the importance of promptly reporting phishing attempts or suspicious emails to security teams, noting that swift reporting can prevent major security incidents. Response teams can then analyze threats and take preventive measures.

CSC concluded that cybersecurity has become a major challenge in the digital space and that these preventive measures and responsible behaviors, alongside ongoing government efforts, contribute significantly to addressing current digital challenges arising from rapid technological advancements. In this context, the "Cyber Pulse" awareness campaign, launched by the Cybersecurity Council for the second consecutive year on social media platforms, supports the UAE’s continuous efforts to build a secure cyberspace that protects users from growing digital risks and keeps pace with rapid technological developments. This initiative aligns with a comprehensive national vision aimed at strengthening trust in the country’s digital ecosystem, promoting a culture of cybersecurity, enhancing digital awareness among families and individuals, and reinforcing cybersecurity practices to safeguard the safety and privacy of citizens and residents in an era of accelerated digital transformation.