The UAE Government’s Cybersecurity Council has issued a warning over the growing risks associated with email-based fraud, emphasising the need for heightened vigilance against deceptive and fraudulent messages used by cybercriminals to compromise accounts and steal sensitive data.
The Council highlighted that more than 75% of cyberattacks originate from phishing emails or fake messages. These communications often contain malicious software, attempt to harvest login credentials, or pave the way for identity theft schemes. Such attacks pose significant risks to both individuals and organisations, potentially leading to data breaches, financial loss, and broader security compromises.
According to the Council, over 3.4 billion phishing emails are sent globally each day, targeting large numbers of users with the aim of extracting personal, financial, and sensitive information. This data may later be exploited in cyberattacks, extortion attempts, or ransomware operations. The Council noted that the widespread nature of phishing is largely driven by gaps in user awareness and inadequate digital safety practices.
The Council stressed the importance of safeguarding personal data and outlined several indicators that can help users identify phishing attempts. These include messages requesting advance payments, communications that pressure recipients into taking immediate action, or those asking for personal information without clear justification. Suspicious emails may also promote offers that appear excessively attractive or direct users to log in throug unfamiliar or unverified links.
Additionally, messages containing spelling or grammatical errors were identified as a common hallmark of phishing attempts, often signalling fraudulent intent.
To mitigate these risks, the Council urged citizens and residents to follow essential cybersecurity practices. These include avoiding suspicious or unknown links, refraining from scanning QR codes in public or untrusted locations, and ensuring that personal and login information is not shared with unverified parties.
The Council further underscored the importance of securing personal accounts—particularly email and social media platforms—by enabling multi-factor authentication and regularly updating systems and applications. Users are also advised to report any suspicious or fraudulent messages immediately and avoid engaging with the sender, allowing authorities to take appropriate action.
Emphasising the critical role of human awareness in cybersecurity, the Council noted that timely reporting of phishing attempts enables security teams to analyse threats and implement preventive measures, potentially averting major incidents.
The Council concluded by reaffirming that safety in cyberspace remains a key challenge amid rapid technological advancements. Adhering to preventive measures and maintaining sound digital behaviour, it said, are essential to supporting ongoing national efforts to address evolving cyber threats.
