The Dubai-based exhibitions firm fell victim to a highly sophisticated cyber attack
A Dubai-based exhibitions firm has lost $53,000 (Dh194,700) in an elaborate phishing attack.
Binu Manaf, CEO and managing director of Cheers Exhibition, said a cybercriminal hacked his firm’s email and then used a spoofed email to trick its client to wire the funds into an overseas bank.
“This is not a crude phishing attack, but one which involves a high level of sophistication,” Manaf told local newspaper Gulf News.
The CEO said he didn’t realise the company’s email account had been hacked until one of his clients enquired if he had sent out emails seeking payments into an overseas account instead of a local bank in Dubai.
“That set the alarm bells ringing because we hadn’t sent out any such email,” said Manaf.
“As it turned out, our email had been hacked. Unknown to us, a cybercriminal had been scouring through all our correspondence containing details of ongoing contracts and outstanding payments,” he said.
“A Russian client unwittingly remitted $53,000 into the overseas account as advised. We had built an exhibition stand for him and were communicating with him for payments,”
Global cloud-based email management firm Mimecast recently reported that cyber impersonation cases in the UAE are up by 75 year on year.
In a study of more than 1,000 IT leaders from multinational companies with UAE representation, Mimecast found that 91 per cent of cyber attacks are triggered by email.
Conventional security methods are often rendered ineffective when it comes to phishing attempts because the elaborate campaigns are executed in multiple stages, the report said.
In the UAE, 58 per cent of companies that suffered a data breach said the incident enforced at least three days of system downtime.
Just under a third of UAE data breach victims took said it took five days or more to recover operations after an attack.