Dubai – A surge in online scams targeting unsuspecting consumers in the UAE has left multiple victims financially devastated, with some losing thousands of dirhams. Fraudsters have been exploiting social media platforms like Facebook, TikTok, and Instagram, using fake ads and counterfeit websites to trick users into believing they are purchasing premium ghee for just Dh1.
How the Scam Works
According to Shehroze, the owner of Simply The Great Food, scammers have cloned his brand’s logo and images of the A2 Desi Ghee product, running paid advertisements to lure victims into filling out surveys and entering their payment details.
Victims, thinking they are securing an exclusive deal, unknowingly expose their credit and debit card details to cybercriminals. While many transactions initially appear unsuccessful, scammers later use the stolen information to conduct unauthorized transactions, sometimes amounting to tens of thousands of dirhams.
Victims Speak Out
Several UAE residents have fallen prey to this scam, suffering massive financial losses:
- Majid, a taxi driver, lost Dh1,200, money he had saved for his wedding trip to Pakistan.
- A Dubai resident lost Dh100,000, which she had been saving as a down payment for her first property.
- Dharmesh Bhardwaj lost Dh18,000, thinking he was getting a special discount.
- Dinesh Kumar, a UAE resident for 16 years, lost Dh5,030 despite initially receiving a transaction decline notification from his bank.
Many victims reported no OTP verification before unauthorized withdrawals were made from their accounts. Some banks refused refunds, stating that the transactions appeared "authorized."
Cybersecurity Experts Warn of Financial Malware
Cybersecurity professionals caution that AI-powered malware is increasingly being used by fraudsters to bypass banking security measures. Dubai-based cybersecurity expert Rayad Kamal Ayub warned that a sophisticated malware known as PixPirate is being deployed via fake applications to:
- Log keystrokes and steal banking credentials
- Bypass two-factor authentication
- Manipulate online banking apps
- Access sensitive personal information
"PixPirate is dangerous because it can be installed through fake websites, malicious emails, or app downloads. It bypasses Google Play Protect and can even add stolen card details to Apple Pay or Google Pay without user knowledge," said Ayub.
Authorities Crack Down, But Scammers Persist
While UAE authorities have successfully shut down some fraudulent websites, scammers quickly create new ones, making it difficult to eliminate the problem entirely.
"We are a small business, and this scam has damaged our reputation and sales, which have dropped by 90%," said Shehroze. His company has been actively warning customers on social media and through community groups to avoid falling for fake ads.
How to Protect Yourself
Experts recommend several measures to safeguard against such scams:
- Avoid deals that seem too good to be true – A premium product for Dh1 is highly suspicious.
- Do not click on social media ads from unknown sellers – Instead, visit official websites directly.
- Never enter card details on unfamiliar websites – Always check for HTTPS security certificates.
- Enable transaction limits on your credit and debit cards – This can minimize potential losses.
- Use virtual cards for online transactions – Some UAE banks offer temporary card numbers for added security.
- Report scams to authorities – Victims should immediately report fraudulent transactions to their banks and Dubai Police’s eCrime unit.
With online fraud on the rise, authorities and cybersecurity professionals urge consumers to remain vigilant and skeptical of unrealistic online offers.
