Cyber Crime
Hajj Pilgrims Targeted by Scammers: Resecurity Exposes New Tactics and Precautions
– Resecurity warns of increased Hajj season scams, advising pilgrims to use official sites and verify travel arrangements.
– Common fraud tactics include fake websites and sub-standard or non-existent travel packages.
NEW DELHI: As millions of Muslims around the world prepare for the annual Hajj pilgrimage to Mecca, US-based cyber security firm Resecurity has issued an advisory warning of a surge in online scams aimed at defrauding those planning the sacred journey.
Fraudsters are exploiting the high demand and spiritual significance of the Hajj to perpetrate devious schemes that put pilgrims’ finances and personal information at risk. The annual pilgrimage to Mecca is a major event for Muslims worldwide, often involving years of savings and meticulous planning. Unfortunately, this has also become a prime opportunity for fraudsters to exploit unsuspecting pilgrims, leading to devastating financial losses and broken dreams.
On May 14, Saudi Arabian authorities issued a warning about online registration scams and fake websites designed to deceive Hajj and Umrah pilgrims. The Ministry of Hajj and Umrah has urged pilgrims to use only official ministry accounts and to be cautious of false Hajj invitations. They emphasized using their official website, www.haj.gov.sa, to find licensed Hajj service providers.
The City of London Police has also recognized this issue, producing a leaflet to guide Hajj pilgrims and encourage victims of fraud to report incidents to the authorities. British Muslims collectively spend £125 million on Hajj annually, but many are at risk of falling victim to fraudulent schemes.
The Association of British Travel Agents (ABTA) reports that around 25,000 UK pilgrims travel to Saudi Arabia for Hajj each year. However, cases of sub-standard or non-existent travel arrangements have resulted in significant financial losses for many. In 2023, the Hajj pilgrimage drew approximately 1.84 million pilgrims from around the world, including many from the United States, European Union nations, and other countries. This massive influx of pilgrims makes the Hajj season a prime target for online scammers.
ALSO READ: Personal and Covid Vaccination Data of 820,000 Dominicans Leaked Online: Resecurity
Common Online Scams During Hajj Season Exposed By Resecurity
- Fake Hajj Pilgrimage Agencies: Fraudsters set up fake travel agencies or websites offering enticing Hajj packages at discounted prices. These fraudulent operators often close just before departure, leaving victims without a tour or a way to reclaim their money.
- Online Registration Scams: Scammers create fake websites or send false invitations, tricking people into providing personal information and money. Victims are often directed to these sites via convincing links.
- Sub-standard or Non-existent Travel Arrangements: Some individuals pay for travel arrangements that turn out to be sub-standard or non-existent, leading to substantial financial losses.
- Unlicensed or Fraudulent Travel Companies: Organized crime groups target licensed travel companies, advertising fraudulent Hajj deals. These scams often result in the tour operator disappearing before the pilgrimage begins.
- Social Media Scams: Fraudsters use social media platforms to promote fake Hajj packages, exploiting the high demand and spreading their scams widely.
READ FULL REPORT HERE: Navigating The Hajj Season: A Time Of Spiritual Unity And Rising Cyber Threats Targeting Consumers
Evolving Tactics for Identity Theft
In alignment with Vision 2030, the Ministry of Hajj and Umrah launched the digital platform Nusuk to streamline planning, booking, registration, and payments for Hajj and Umrah. This platform reduces the risk of fraud by connecting pilgrims directly with official Hajj operators and processing payments through a government system. Despite this, Resecurity has identified multiple fraudulent resources impersonating Nusuk, designed to collect sensitive information for malicious purposes.
One fraudulent site, registergov[.]com, was discovered mimicking official government resources to deceive victims into sharing personal information. This scam encouraged victims to spread the fraudulent resource to their contacts, expanding the reach of the scheme.
Generative AI and Troll Factories
Fraudsters are increasingly using generative AI to create convincing texts in Arabic, disseminating Hajj-related messages to deceive victims. Additionally, “troll factories” are employed to spread deceptive content on social media, manipulating public opinion and driving traffic to malicious websites.
Resecurity has blocked over 630 social media accounts involved in distributing fraudulent Hajj-related content. This action highlights the need for collaboration between online platforms, law enforcement, and the private sector to combat fraud and ensure online safety.
ALSO READ: 300% Surge in Cyber Attack – Here Is How Hacktivist Groups Are Targeting India’s General Election
Financial Fraud and Payment Data Compromise
Despite efforts to streamline the Hajj registration process through the NUSUK app, fraudulent campaigns persist. A new phishing campaign has been identified, with a website designed to impersonate the official Nusuk platform, directing users to a payment interception form to steal sensitive information.
Money Exchange Services Scams
As Hajj season nears, consumers are warned against online scams involving money exchange services. Scammers offer fake deals, false promises, and manipulated exchange rates, leading to significant financial losses. Vigilance and verification of credentials are crucial when transacting online.
Risk Mitigation
To protect against online scams during Hajj, individuals should:
- Use Official Accounts: Only use official ministry accounts for registration and communication related to Hajj and Umrah.
- Verify Legitimacy: Check if travel agencies or tour operators are members of reputable organizations like ABTA and ensure they are ATOL protected.
- Get Everything in Writing: Ensure all agreements, contracts, and receipts are provided in writing.
- Report Fraudulent Activities: Report any suspected scams to relevant authorities. In the UK, this can be done through Action Fraud or a specialist adviser.
Awareness and precaution are key to safeguarding against the growing threat of online scams during the Hajj season. By staying informed and vigilant, pilgrims can protect themselves and their cherished journey to Mecca.