Since January this year, the number of reported malicious attacks on smartphones in Qatar has reached 11,883 according to research by Kaspersky. Kuwait, Qatar’s neighboring country, had 20,000 attacks during the same period, compared to 15,000 in Oman and 5,000 attacks in Bahrain.

Though the number might look significant, it amounts to less than 1% of Qatar’s population if we assume that every person in the country has a smartphone. However, many people rely heavily on their phones to store sensitive information, and hackers seem like a constant threat to personal security.

Doha News spoke to Ibrahim, a mobile phone repair technician, to find out about the cybercrime landscape he faces. “I get many phone calls and visits a month about people who are worried they have been hacked,” he says. “It’s more common than you would think.

“Hackers now use many new ways to access information to get money, and sometimes that can threaten people’s livelihood, especially big corporations and businesses whose employers routinely access corporate data from smartphones.”

Inventive and opportunistic hackers adapt to crisis

As the landscape of cybercrime changes and diversifies, hackers and attackers are constantly seeking new ways to make money off private information.

Timing can be a crucial part of the success of a malicious campaign. Some attackers have adapted their ‘business’ to take advantage of the COVID-19 crisis, distributing malware and causing instability. According to figures based on cyberthreats blocked by Trend Micro cybersecurity company, Qatar has recently recorded more than 2,000 email spam attacks, two malware threats, and more than 100 URL attacks. This might have been due to users changing their security practices under pressure and without having any reliable security solutions installed on their phones.

Some of Ibrahim’s customers complain about suspicious callers pretending to represent a bank or phone company, essentially aiming to extract personal information from their targets. Qatar resident Bassant Mostafa became a victim of such a scam when, a couple of months ago, someone called her claiming to be from Ooredoo.

“He had my ID number and my name. His voice sounded very professional and trustworthy, so I genuinely thought at first that it was true,” says Bassant. “He told me I had won a prize and that he needed some information to send it. I didn’t suspect until he requested my Visa number. I hung up, but he called me more than 20 times from different numbers.”

Victor Chebyshev, a security expert at Kaspersky, explains that — although worrying — the actual number of attacks hasn’t increased dramatically since before COVID-19.

“While 2,500 attacks on mobile users every month may seem to be a big number, it is great to see that Qatar’s smartphone- and tablet-owners have remained vigilant during the crisis and have not fallen for scammers’ tricks,” says Victor.

“Every system has a vulnerability, but the human factor is often considered the greatest of them. Seeing no real increase in attacks that reached users and were blocked by our products during a shift to home-working during the global pandemic is reassuring.”

How to protect yourself

Cybercrime is illegal and punishable by law in Qatar, specifically Qatari Law №14 that concerns offences committed using ‘an information network, an information system, a website, or any information technology’ (Article 45).

Since it’s better to be safe than sorry, Kaspersky’s security experts advise the following:

• Only install mobile applications from official app stores, such as Google Play on Android devices or the App Store on iOS.
• Block the installation of programs from unknown sources in your smartphone’s settings.
• Do not bypass device restrictions, as this might provide cybercriminals with limitless capabilities to carry out their attacks.
• Install system and application updates as soon as they’re available — they patch vulnerabilities and keep devices protected.
• Never download mobile OS system updates from external sources (unless you’re participating in official beta-testing). These should only be installed through official app stores.
• Use reliable security products for comprehensive protection from a wide range of threats, and update your security products regularly.

To report cybercrimes in Qatar, contact the Cyber Crime Investigation Centre by phone on 2347444 or email at [email protected].