1 in 3 UAE Firms Hit by Spoofing or Deepfakes, Survey Reveals
▼ Summary
– Identity fraud in the UAE has shifted, with impersonation attacks like spoofing and deepfakes now affecting more organizations than traditional threats like forged documents.
– Traditional fraud methods such as document fraud (28%) and synthetic identity fraud (27%) persist but are less prevalent than impersonation-based attacks.
– Impersonation attacks are the leading fraud type, with identity spoofing (36%), deepfakes (35%), and biometric fraud (34%) being the most common methods used.
– Fraudsters now target the identity verification step directly by creating fake but legitimate-looking identities, making detection after onboarding nearly impossible.
– To counter these threats, businesses in the UAE need layered defenses that combine flexible identity workflow orchestration with a liveness-first strategy.
A startling new survey reveals that one in three companies based in the United Arab Emirates has experienced an attack involving spoofing or deepfake technology. This data points to a significant shift in the region’s cybersecurity threats, where sophisticated impersonation tactics have overtaken more conventional fraud methods. The findings highlight a pressing need for businesses to upgrade their identity verification protocols to counter these advanced digital deceptions.
The nature of fraud is undergoing a dramatic transformation. While traditional methods like document forgery and synthetic identity creation are still reported by 28% and 27% of UAE organizations respectively, they are no longer the primary concern. Similarly, social engineering attempts affect 30% of companies. The real surge is in impersonation-based attacks. Identity spoofing now impacts 36% of firms, making it the most common type of fraud. Criminals use photographs, video replays, and screen images to mimic legitimate users during verification processes.
Close behind, biometric fraud affects 34% of organizations, with bad actors employing face morphing and masks to trick security systems. Perhaps most alarming is the rapid adoption of deepfakes, which 35% of surveyed companies have encountered. These AI-generated videos and audio clips are being used to deceive remote onboarding and Know Your Customer (KYC) checks, creating a formidable challenge for IT security teams.
A leading technology officer from the firm that conducted the survey noted a critical strategic change among criminals. The primary target is no longer a system’s backend but the initial verification step itself. By creating fraudulent identities that appear completely legitimate from the very beginning, fraudsters render many downstream detection methods ineffective. This makes the onboarding process the new frontline in the fight against digital crime.
The UAE’s enthusiastic embrace of digital transformation, including widespread remote services and biometric authentication, has inadvertently shaped this new threat landscape. The very technologies designed to enhance security and convenience are now being exploited. The tools for these impersonation attacks are not only highly effective but also increasingly affordable and scalable, posing a persistent risk.
To effectively safeguard their operations and customer data, businesses must implement a multi-layered defense strategy. This involves combining adaptable identity workflow systems with robust, continuous threat monitoring. Experts emphasize that a liveness-first approach, which confirms the physical presence of a real person, is becoming essential. By integrating these advanced verification techniques, companies can build resilient protections capable of withstanding these evolving digital threats.
A comprehensive report detailing these findings and outlining strategic recommendations is scheduled for release later this month. This broader study will provide a global perspective on the changing tactics of identity fraud and the defensive measures enterprises are adopting worldwide.
(Source: MEA Tech Watch)
