The increasing prevalence of online fraud schemes has been a matter of concern globally, especially since the Covid-19 pandemic. The Government of the United Arab Emirates has repeatedly issued notices to create awareness of such online scams and has issued regulations that help in effectively combatting online fraud cases.
The common methods used for online scams include:
Smishing: In this technique, a fraudulent link is sent through text messages or email communications, which upon clicking, takes the user to an external scam site that can illegally download and obtain sensitive information about the person, such as bank accounts details and personal details.
Phishing: This method is very prevalent, and, in this method, un-suspecting individuals and even companies are contacted over authentic-looking email and requested to provide sensitive information such as banking and credit card details.
Voice phishing: In this method, the unsuspecting victim is contacted over a phone call and is requested to share sensitive information or to transfer an amount. Such scams are very common globally, and awareness campaigns are increasingly being run by banks, public authorities and government to raise awareness amongst the public. There is an increasing number of such scam calls being reported in the UAE, wherein the scammers identify themselves to be calling on behalf of a regional bank or a telephone utility services and trick the victims into revealing their identity details or passwords. UAE banks have repeatedly issued notifications to confirm that they would never request their clients to reveal sensitive information over the phone.
The Federal Decree-Law number 5 of 2012 on combatting cybercrimes and its amendments ('Cybercrime law')categorizes cybercrime broadly as 'any illicit use of the internet, computer network, electronic website or any other information technology means. Article 2 of the Cybercrime law states that 'An offender shall be punished by imprisonment and a fine not less than one hundred thousand dirhams and not in excess of three hundred thousand Dirhams or either of these two penalties whoever gains access to a website, an electronic information system, computer network or information technology means without authorization or in excess of authorization or unlawfully remains therein'.
In addition to enacting the cybercrime law, the UAE government has taken additional procedural methods such as:
» Easy reporting: Measures have been effected to ensure easy reporting of the cybercrime by creating easy to use channels such as the 'ecrime website', 'Dubai police website' for reporting cybercrime and the 'My Safe Society' application.
» TRA: The telecom regulatory authority (TRA) actively monitors the information and content available online and takes prohibitory measures for content that is malicious in nature. TRA also initiates curbing measures against unlicensed VoIP service providers, including illegal websites.
» Digital security: The digital security of individuals in the UAE is maintained and verified through the UAE Pass app and Emirates ID.
» Heavy Fines: Strict punishment is imposed against offenders under the cybercrime law. Acts of cyber hacking against banks in order to obtain illegal data concerning banking accounts and card information can be punished with huge fines of up to Aed One million and also with imprisonment. An act of IP address forgery can be punished with imprisonment of up to three years and a fine of up to AED 500,000.
Various global studies showcase that cybercriminals increasingly choose to operate in jurisdictions wherein either there are weak cybercrimes laws or no e-crime regulations at all. Understanding these practices, the UAE government has ensured that stringent laws are enforced in the UAE against cybercrimes and in order to implement the best practices that ensure digital security.