During the Hajj season, there is an increased risk of online scams targeting individuals who are planning to make the pilgrimage to Mecca. Fraudsters employ various tactics to deceive and defraud unsuspecting pilgrims.
According to the Association of British Travel Agents (ABTA), every year, around 25,000 pilgrims from the UK travel to Saudi Arabia for Hajj. ABTA has reported cases where individuals have paid for sub-standard or non-existent travel arrangements, resulting in financial losses of thousands of pounds for the victims.
These scams often involve fraudsters duping people into parting with personal information and money by encouraging them to follow links to fake websites. The scams can be particularly devastating, as individuals may lose their life savings or suffer significant financial losses.
Fraudsters do not discriminate based on age, gender, or location. They target licensed travel companies and advertise fraudulent deals for Hajj tours.
Common scams during the Hajj season include:
1. Fake Hajj pilgrimage agencies: Fraudsters set up fake travel agencies or websites offering attractive packages to entice people. These packages may be sold at significantly discounted prices, but the tour operator closes shortly before departure, leaving individuals without a tour and no way to get their money back.
2. Online registration scams: Scammers create fake websites or send out false invitations, duping people into providing personal information and money. They may encourage individuals to follow links to these fake websites, where they are tricked into making payments or sharing sensitive information.
3. Sub-standard or non-existent travel arrangements: Some individuals pay for travel arrangements that turn out to be sub-standard or, in the worst cases, non-existent. Victims may be left out of pocket by thousands of pounds.
4. Unlicensed or fraudulent travel companies: Organized crime groups target licensed travel companies and advertise fraudulent deals for Hajj tours. These deals may be sold at significantly lower prices, but the tour operator closes before departure, leaving individuals without a tour and no way to get their money back.
5. Social media scams: Scammers use social media platforms to promote fake Hajj packages and entice people with attractive offers. They take advantage of the high demand for pilgrimages and use social media to spread their scams.
Evolving Fraudulent Tactics For Identity Theft
Resecurity has detected multiple fraudulent resources impersonating Nusuk, the official digital platform for Hajj and Umrah pilgrims. These fake resources are designed to trick consumers by mimicking official messaging on behalf of Saudi Arabia’s leadership.
The fraudsters are impersonating the country’s leadership to increase trust in their fake resources, which are intended to collect sensitive information and facilitate fraudulent activities. It is essential for consumers to be aware of these fraudulent schemes and take necessary precautions to protect themselves.
Below are some snapshots captured from the fraudulent links that collect personal identifiable information (PII) under the guise of free Hajj applications. These links are designed to trick victims into sharing their sensitive information, which is then used to scam them or sold on the dark web.
Fig1
The fraudulent links appear to be legitimate, but they are actually designed to collect sensitive information such as names, dates of birth, nationalities, and contact information. This information is then used by threat actors to commit identity theft, fraud, and other cybercrimes.
One of the fraudulent resources, registergov[.]com, has been identified by Resecurity as part of a larger identity theft campaign targeting consumers.
The fraudsters aimed to imitate a government resource by using a similar design and style, along with copied text from the official ministry’s website resources. This sophisticated approach was designed to deceive victims into sharing their personal information. The fraudulent resource was first detected in early May, and it is believed that it has been active since then.
