Qatar Progresses in Cyber Crime Prevention Measures

Qatar is increasingly being targeted by cybercriminals and those intent on committing financial fraud, says a cybersecurity expert at ictQATAR. New evidence has emerged that Qatari bank cards are being bought and sold illegally on the internet and last year a gang of criminals were arrested by the Cybercrime Unit from the Ministry of Interior for using fake cards to pay off fines.

Malike Bouaoud of ictQATAR’s Qatar Cyber Emergency Response Team, (Q-CERT) and Section Manager for ICT Risk Management says that whilst it is difficult to measure the actual level of financial cybercrime in Qatar, it is evident that it is on the rise here. He is urging people to be more vigilant with their pin numbers and to look out for financial scams such as skimming or online phishing.

Skimming is a type of fraud whereby the numbers on a credit card are recorded and then transferred to fraudsters who can create a duplicate card or sell the numbers on the black-market, without the knowledge of the card holder. Whilst this is a fairly typical type of fraud in Europe and the US, there have been relatively low levels of this kind of crime in Qatar. Until this year, that is.

“By monitoring the forums and activity online we were able to establish that Qatari credit cards are now available to purchase online. These are basically stolen credit cards or cards that have been skimmed, either at an ATM, a non secure POS terminal or when a buyer has purchased something online. Before 2012 we did not see Qatar bank credit cards being sold in this way,” says Bouaoud.

Until now there have been relatively low levels of financial crime in Qatar. Whereas there has been wide-spread abuse of ATM’s on the continent and in the US, there has only been a handful of recorded cases in Qatar. However, warns Bouaoud, as Qatar’s profile continues to rise on the international stage, awareness is growing of Qatar as an emerging economy, a wealthy nation, and therefore a potential target.

Bouaoud said, “We want to raise awareness of the potential pitfalls so that people, and also merchants who are using payment terminals, become vigilant and protect sensitive financial information. There have been many cases of payment terminals being tampered with and people’s financial information being stolen in other countries. It is only a matter of time before we see this kind of activity in Qatar, so merchants must be aware to safeguard these terminals and the data it generates.”

According to Bouaoud, last year a gang of six were arrested for using stolen international credit card details to pay off other people’s fines. They were promoting this as a service in online forums, charging a nominal fee for paying off an individual’s traffic fines using these stolen cards, in some cases up to thousands of Qatari Riyals. As a result, the portal used to pay traffic violations no longer accepts international credit cards, only Qatari bank cards can now be used to pay off fines. This is likely to be introduced for other online payment facilities too, such as utilities.

Another typical activity of online fraudsters is that of Phishing, whereby criminals send out emails to unsuspecting people, offering jobs processing financial accounts. This is, of course, a scam for money laundering, and these people are being drafted in to be used as money mules.

Local cases have been noted and people are asked to question any such emails, when they are offered large sums for doing nothing more than opening a bank account and processing money through it. Phishing of this kind is usually used to process the money obtained illegally through fake websites and Malware which record a person’s bank details in order to then take money out of their account.

“In Qatar we are not immune to this kind of activity and it is on the rise. Just last week I had to contact a bank in Doha and warn them that a fake website of their bank was live and attempting to obtain customers details. At Q-CERT we are able to trace the origin of the website’s host, contact our CERT counterparts there, and have it taken down. But constant vigilance is key,” said Bouaoud.

Here are Q-CERTS top tips for keeping your financial information safe in the digital age…
1) Cancel and cut up unused cards.
2) Do not send your card or account number via email.
3) Always keep your pin number safe and secret, memorize it and shield it when typing it in.
4) Look out for anything suspicious on the ATM you are using and contact the bank if necessary.
5) Shred your receipts, don’t leave them laying around.
6) When making a purchase online look out for the padlock symbol indicating it is a safe website and it starts with https://.
7) Make sure you have the latest updated software on your computer that detects Malware.