Workshops and training for young people are being launched to help them spot the rising number of phishing scams online.
Emirates airline is the latest to warn its customers of dummy adverts, following a fake membership offer to enrol in a discounted subscription to fly first class.
A phishing scam posing as an advert offering 10 first class flights anywhere in the world for a $300 annual membership fee circulated across social media, prompting Emirates Airline to speak out.
“Emirates is aware of fraudulent ads circulating on social media platforms that direct users to websites impersonating our legitimate site,” a representative said. “We urge customers to stay cautious. All official Emirates communications are only shared through our verified channels.”
Phishing scams are becoming increasingly sophisticated and rising in number as artificial intelligence tools make it easier for criminals to stage attacks with convincing fakes that mimic legitimate brands.
Meanwhile, social engineering to trick users into making security errors or revealing sensitive information is used to exploit people's trust in popular brands and respected companies, making it harder for consumers to recognise scams.
Zero-trust approach
The tactics can snare a victim into handing over control of a computer system to a criminal, who then exploits information to gain access to sensitive information such as bank account details.
“Individuals and organisations should follow a zero-trust approach with a strict verification process to ensure they are dealing with the right person or organisation,” said Haider Pasha, chief security officer at Palo Alto Networks.
“It is always advisable for individuals to use multifactor authentication for online transactions, and to stay alert and be aware of security and privacy settings – for example, do not use the same password across multiple accounts and, of course, keep security measures such as anti-malware, anti-ransomware, anti-virus software and firewalls up to date.”
One way to avoid falling victim to phishing scams is to verify the authenticity of links or attachments in emails and online ads. This can be done simply by hovering your cursor over the link, which can help to demonstrate if the URL is legitimate.
It is also advised to be wary of attractive deals that seem too good to be true – another common tactic scammers use.
“As AI-powered attacks become smarter and harder to detect, a seemingly suspicious link may not always raise immediate red flags in organisations,” said Mr Pasha. “Employees should report such links to the IT or security department immediately. For individuals, it is best to email or message the company directly through official channels to confirm its legitimacy.”
Cybercrime increased significantly during the Covid-19 outbreak. The rise of home working contributed to this, allowing criminals to exploit frailties in domestic online security as phishing scams became the most commonly reported crime.
The pandemic triggered a surge in cyber attacks, with the World Economic Forum reporting a 50.1 per cent increase in the first four months of 2020, with 30,000 specific security breaches related to Covid-19.
Since then, the cost of cybercrime and related spending to keep online systems secure has soared.
In 2019, the global cost of online crime was $1.16 trillion, but by 2024 that had climbed to $9.22tn and is expected to reach a staggering $13.82tn by the end of the decade.
Cyber security boot camp
A potential solution to reduce the numbers exposed to cybercrime is training in schools and the workplace to educate about the latest threats.
At a Dubai summit on innovation and transformation in higher education on Wednesday, experts from the Abdulla Al Ghurair Foundation (AGF) called for a growing skills gap to be filled during an era of unprecedented digital disruption.
Sessions examined the integration of AI and data analytics in education, workforce readiness in an era of rapid automation, and the role of public-private partnerships in bridging the divide between academia and industry. The AGF is offering places on a cybersecurity boot camp to gain practical experience and industry-recognised certification to safeguard against the latest threats.
Training gives an understanding of Linux and other computer operating systems, as well as the core concept of cybersecurity to offer a pathway for young people into a career in the rapidly growing industry.
Ayman Bazaraa is co-founder and chief executive of Sprints, an ed-tech company founded in 2019 to equip young learners with skills for the AI era.
“Learning technology should be for everyone, and even before this hype of AI and cybersecurity, we were teaching this for everybody,” he said. “Without a minimal knowledge of technology, how to be defensible and protect your data, it's extremely easy to be hacked. In AI and cybersecurity there is a gap between the university graduates' knowledge and what the market needs, so there should be a kind of upskilling to bridge this, and also for current employees.
“Everyone should have some kind of tech awareness, not just to utilise the vast benefits of this technology, but to defend against the threats so they can survive in the digital world.”
