Picture used for illustrative purpose only.

Mahmoud Mohsen, Staff Reporter

The General Command of Sharjah Police, represented by the Criminal Investigation Department (CID), successfully recovered a sum of Dhs300,000 that was appropriated through a cyber operation.

The competent security teams were able to stop the operation and recover the money in a highly professional operation that took 6 hours to identify and arrest the perpetrators and recover the stolen money.

Major Mohsen Ahmed, Director of the Cybercrime Branch at the Sharjah Police, disclosed that a report was received from a Gulf national. The report detailed how his daughter had fallen prey to a cyber fraud during the payment of fees for a government service. The transaction was conducted via a fictitious link, wherein the victim was prompted to remit the requisite fees for an electronic service purportedly provided by a government institution's website. The temporary password, "OTP," was subsequently conveyed to her via an SMS sent to her mobile phone. Following the completion of the transaction and the input of the OTP, she was astonished to observe that Dhs300,000 had been deducted from her account.

Fake Link

The scam involved the creation of a link to a fictitious page containing the details of the actual website of the government institution. The victim, while following the process of paying the fees, failed to notice that the taskbar changed from the official website to the fictitious one. Upon clicking the link, the victim was directed to the fake page, which was designed to trap her.

It was shown that the actual fees for the service, as displayed to the victim, was Dhs10. However, the hacker's fake page presented an alternative amount, the specifics of which were not visible to the victim. Consequently, she proceeded to pay the fees directly, without verifying the details of the SMS containing the one-time password (OTP), or even the type of currency to be used for the transaction.

The Director of the Cybercrime Branch explained that he had asked the person who reported the incident to provide him with the account number that was subjected to the fraud. Immediately, a team was formed from the Cybercrime Branch, and through research and investigation, the account of the perpetrator of the cybercrime was reached. Consequently, the field team was informed to move immediately according to the available information, and within 6 hours of the report, the field team managed to arrest two of the perpetrators, while a third one, who was at the airport, had been also arrested before leaving the UAE.       

The team was able to successfully recover the funds, despite the fact that the transfer had occurred outside of the UAE. The total amount was recovered within a period of less than 24 hours and transferred back to the account of the owner. The case file was then transferred to the Public Prosecution for the completion of the necessary procedures.