Cybersecurity analysts have reported a notable increase in digital attacks in the UAE and surrounding regions during the month of Ramadan. Hackers are leveraging the surge in online shopping associated with this holy month, underscoring the necessity for preparation and readiness to combat these threats, which are critical facets of proactive defense.
Statistics indicate a more than 28% rise in malware activity, coinciding with intensified protective measures implemented by cybersecurity institutions. Regulatory bodies have escalated their protective protocols and heightened public awareness campaigns to mitigate attempted breaches and contain threats using the best defensive strategies available.
Experts have identified that attacks have predominantly targeted the e-commerce sector, aiming to exploit the significant activity and booming transactions, which reportedly rose by 143% during this festive period.
According to data from ransomware.live, between 4% and 7% of total cyber incidents in the UAE occurred during Ramadan from 2024 to 2025, reflecting a marked increase in seasonal exploitation by attackers.
Phishing and Fraud
Joni Karam, Managing Director and Vice President for Emerging International Markets at Cohesity, highlighted a noticeable rise in phishing attempts and ransomware attacks during Ramadan. This trend is attributed to the uptick in digital transactions, fundraising campaigns, and social media activity, where attackers exploit these conditions to dispatch fraudulent messages that appear to offer Ramadan deals or solicit zakat donations, taking advantage of the seasonal trust of users.
Karam noted that this surge is not confined to Ramadan itself; it often expands into the following months, with attacks sometimes amplifying by up to 450% after the holy month, as attackers seek to align their campaigns with trending topics to boost their credibility and increase the likelihood of targeting victims.
Targeting Institutions
Karam remarked that a study by Cohesity last year found that 59% of institutions experienced a significant cyber attack, reflecting the growing level of digital threats faced in the country and the broader Arab region. He emphasized that readiness and preparedness are pivotal for proactive defense, advocating for the implementation of multi-factor authentication for all critical systems, enhancement of email security measures, continuous monitoring of unusual activities, and regular testing of immutable data backups. Karam also recommended periodic reminders for employees about the risks associated with seasonal phishing campaigns, particularly during Ramadan. For individuals, he stressed the significance of vigilance, verifying charitable organizations through official channels, avoiding clicking on unknown links, enabling two-factor authentication on banking and social media accounts, and continuously updating devices and systems.
Primary Objectives
Azeddine Hussein, Senior Regional Director of Solutions Engineering at SentinelOne, shared that reports from Riscurity and Curator Labs showed a 22% rise in attacks within the UAE alone, alongside a more than 28% increase in malware activity. Furthermore, the commercial sector, particularly e-commerce, emerged as a primary target, with digital transactions escalating by 143% during Ramadan. Hussein indicated that financial losses attributed to cybercrimes and fraud in the Arab region during this holy month could reach up to $100 million. He stressed the importance of adopting a multi-layered approach that encompasses both individuals and organizations, utilizing AI for threat monitoring, providing regular training for employees on phishing risks, and reinforcing access control measures for systems and data. Additionally, he advised consistently verifying the reliability of websites and platforms before conducting transactions and using HTTPS protocols to ensure a secure digital experience during the holy month.
Security Vulnerabilities
Rob Standing, Regional Vice President for the Middle East and Africa at Rubrik Cybersecurity, pointed out that reduced workforce numbers during Ramadan and altered shift schedules create security vulnerabilities, especially with the rising activity in e-commerce and charitable donations, which presents opportunities for heightened cyber risks. Standing noted that AI-driven attacks, particularly identity theft, are accelerating globally, especially as critical sectors like retail, banking, and logistics integrate independent agents and automated systems. He emphasized that such attacks can execute comprehensive system breaches at unprecedented speeds, urging organizations to adopt an “assume breach” approach, implement automated remediation tools, and strengthen governance to protect digital assets throughout the year, not just during Ramadan.
