UAE: Posting high-resolution photos on social media could put you at risk; here's why
"If you have two high-resolution images on social media, scammers can identify figure prints, and they can create digital identity or image to create a bank account or create an e-SIM," said Ashraf Koheil, regional sales director for Meta, Group-IB.
Social media penetration in the UAE is relatively high, as an average resident has more than one social media account, including Facebook, WhatsApp, Instagram and YouTube. Cybersecurity experts warn that cybercriminals are increasingly targeting Friday nights, knowing that security operations are not running at full capacity on that day.
"They could manipulate digital identity and date of birth and create a crypto account and use that account for money laundering and terror financing," he said. Koheil also added that students from financially sound backgrounds are often targeted.
SIM swapping, MITM attacks
Although criminals could use high-res images for facial recognition or create deepfakes, this is not the most significant security concern, said Andreas Hassellöf, CEO of Ombori.
"The real risks stem from sharing personal data — such as email addresses, phone numbers and other sensitive details — that can directly be exploited. It's still important to be mindful of your digital footprint and limit sharing personal information; however, the focus should be on defending against more immediate threats like phishing, SIM swapping, and other forms of identity theft that are much more prevalent and dangerous in today's digital landscape," he said.
Hassellöf noted that threats like SIM swapping, phishing, and man-in-the-middle (MITM) attacks are more significant and immediate risks.
A SIM swap scam happens when criminals take control of someone's phone by tricking his carrier to connect his phone number to a SIM card. In an MITM attack, a perpetrator gets in the middle of communication to eavesdrop or impersonate.
"While facial recognition technology is advancing, the real-world application of this in terms of stealing identities for financial gain is still quite distant. These are much more plausible ways in which someone's bank account or personal information can be compromised. In fact, voice cloning and deepfakes are far more of a threat, and they do have real-world examples where people have been tricked or scammed out of significant sums of money," he added.
More attacks on Fridays
Ashraf Koheil elaborated that attackers try to hide in high-traffic waves. "For example, a telecom firm is running a back-to-school holiday promotion. This is when they start bombarding messages. Second, they do geofencing. For instance, if you log in from a website in the UAE, you may be able to see Salik. If you log in from Saudi Arabia, you may see a local service provider; if you log in from Egypt, you may see another local company. So, they are making it very difficult for technology vendors to detect.
"They start phishing attacks on Friday night because they know that security operations are relaxed on the weekend," Koheil added.
As a result of these challenges, security firms that could usually detect and stop an attack within an hour may take up to four hours.
"Just like we study them, they study us as well," Koheil said.
Multi-factor authentication
To address threats of SIM swapping and MITM attacks, Andreas Hassellöf of Ombori suggested that the solution lies in implementing multi-factor authentication to add layers of security, using AI-driven technologies to detect manipulated images, and leveraging blockchain-based identity management for tamper-proof protection.
"While the fear of biometric misuse is understandable, the focus should remain on addressing the more realistic and pressing security vulnerabilities," he added.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Campaign ME
an hour ago
- Campaign ME
Matter of Fact: Pushing past the transaction
Marketing in its current state is becoming formulaic, with companies emphasising seamless communication while their messaging focuses more on transactions and consumption rather than connection, especially in digital and social media. However, Gen Z, being the elusive and sceptical audience, sees through this. They want brands to offer identity and experiences, and more notably, connections. Vans' recent 'Always Pushing' campaign demonstrates effective and targeted branding. By embracing the lifestyle the brand embodies, Vans organised music and skateboarding pop-ups at key locations, leaving a lasting impression. The success led Vans to transform some retail spaces into permanent skateparks, turning stores from transactional environments into community hubs that reflect their audience's passions. The path is clear: to engage modern audiences, brands must move beyond sales-focused communication. Storytelling should centre on how the brand experience enriches lives. Successful communication aligns with preferences for value-driven, discovery-led interactions, not just promoting products. Connection, not consumption, is what leaves a lasting impression. GAME CHANGER Meta opens the message At its recent Conversations conference, Meta introduced new AI-driven features designed for businesses to enhance direct consumer marketing. The updates include expanded WhatsApp and Instagram integrations, along with collaborations with platforms such as Shopify and WooCommerce. These changes aim to help brands connect with broader audiences more easily, blending e-commerce with real-time interaction for greater engagement. BREAKING THE NET Racing into the blockbuster lane Apple's in-house film F1: The Movie starring Brad Pitt, has seen the tech giant promote the feature film by tapping into its ecosystem. The tech giant used Wallet push notifications, Apple Pay ticket discounts, and even got co-star Damson Idris to drive an F1 car from the film through Manhattan for the 2025 Met Gala, gaining additional viral mainstream attention from the stunt. #NOT MrBeast hits pause on AI YouTube's most-subscribed creator, Jimmy 'MrBeast' Donaldson, delayed the launch of his ViewStats AI tool suite following backlash from fellow creators. Critics argued that the tools, designed to generate thumbnails and captions from other creators' content, could harm YouTube's creator ecosystem. Donaldson acknowledged the concerns, withdrew the announcement, and promised to refocus ViewStats on supporting emerging creators.
Khaleej Times
4 hours ago
- Khaleej Times
As AI regulation tightens, legal foresight will define success
The clock is ticking for organisations that build, deploy, or rely on AI systems. With phase two of the European Union's AI Act fast approaching, the world's first binding AI regulation is ushering in a new era of enforceable AI governance. The act introduces strict requirements to ensure transparency, safety, and human oversight, grouping AI systems into four risk tiers that define how they are governed. Phase one, which came into force on February 2, 2025, banned AI systems deemed to pose unacceptable risk and required organisations operating in the EU to improve AI literacy among employees. The next phase places new obligations on general-purpose AI, including models such as ChatGPT, Claude, DALL·E, Midjourney, Anthropic, Meta, and Google BERT. These requirements mandate greater transparency, the creation of detailed technical documentation, and the disclosure of copyrighted materials used during training. European companies have already called for a pause on these measures, which the EU has rejected. From my perspective, this signals two realities. The first is that the era of enforceable AI regulation has arrived and will only continue to evolve. And the second, is that while responsible AI frameworks have been discussed for years, many businesses are still working out how to get prepared. Legal foresight as a strategic advantage Treating AI compliance as a reactive exercise has never been sustainable. But today, with the pace at which the regulatory landscape relating to AI and responsible and ethical AI, is evolving, legal foresight is more essential than ever. It must be embedded into how AI systems are built, deployed, and scaled from the outset. This is especially critical for general-purpose models, which are complex, fast-evolving, and capable of broad downstream impact. Integrating compliance into the development process, rather than retrofitting it later, helps reduce operational risk while strengthening trust with customers, partners, and regulators. This proactive approach is already being embraced in forward-looking jurisdictions such as the UAE, where regulation is positioned as a catalyst for innovation. In recent years, the UAE has formalised its AI governance through initiatives like the Artificial Intelligence and Advanced Technology Council (AIATC) and the UAE AI Charter, both of which emphasise ethics, transparency, and public interest. These efforts underscore the importance of co-design between government and industry to ensure that emerging technologies are not only cutting-edge, but also responsibly deployed. The co-regulation imperative No single organisation can navigate this evolving regulatory landscape alone. Engaging with industry peers, policymakers, and technology providers is essential. Co-regulation, where governments, private companies, and civil society collaborate to shape rules and guardrails which promote progress, is emerging as the most effective approach. The UAE's partnership with the World Economic Forum through the Global Regulatory Innovation Platform (GRIP) is a prime example. GRIP provides shared frameworks, benchmarking tools, and collaborative mechanisms that transform regulation from a constraint into an enabling model, aligning speed, inclusivity, and ethical standards. This collaborative mindset also shapes how Core42 designs its infrastructure. We embed regulatory and sovereignty requirements directly into our platforms to ensure compliance is not an afterthought. Our Sovereign Public Cloud, built on Microsoft Azure and supported by our sovereign controls platform Insight, addresses the complex challenges of data sovereignty and compliance for governments and regulated industries while still enabling public cloud innovation. With built-in sovereign control sets, comprehensive audit capabilities, and streamlined compliance management, organisations can manage sensitive data with confidence while benefiting from hyperscale agility and security. For customers requiring fully isolated environments for classified workloads, our Signature Private Cloud extends the same principles by combining the scalability of cloud with the control and assurance of on-premises systems. Preparing for the next frontier As governments worldwide move toward more comprehensive oversight through the regulation of AI, the organisations that thrive will be those that invest in proactive legal strategies today and seek to ensure their perspectives are tabled during the co regulation phase. In the Middle East, we are already seeing this next frontier take shape. The launch of the Responsible AI Foundation by G42 and Microsoft, in collaboration with MBZUAI, is establishing region-specific standards for fairness, transparency, and accountability. Additionally, G42's 2024 report on Sovereign AI Ecosystems highlights the growing importance of robust data governance frameworks as demand for data, storage, and computational power accelerates with AI advancements. As such, future regulations are likely to set clear parameters for data sovereignty, cross-border flows, and the accountability of AI systems operating on national infrastructure, addressing both technical integrity and the socio-cultural considerations unique to the region. In addition, continuous risk assessments, real-time auditing, and sector-specific governance will soon become standard practice. To prepare, legal teams must build cross-functional expertise, be creative and immersed in the dynamism of the environment in which the world is operating and work closely with engineers, product owners and data scientists to anticipate the regulatory landscape that will apply to what they are building rather than react to it. For companies developing or deploying AI, success will not hinge solely on technological breakthroughs but on the ability to navigate an increasingly complex legal environment. Those who approach this with foresight and integrity will be best positioned to earn public trust and capture long-term value.
Zawya
7 hours ago
- Zawya
Azimut Egypt plans to launch new dollar fund in October
Azimut Egypt for asset management, a subsidiary of the global Azimut Group, which is listed on the Milan Stock Exchange, intends to launch a new dollar fund next October, said Ahmed Abou El Saad, the CEO of the Egyptian company, while speaking to Zawya Arabic. The asset management sector in Egypt has recently recorded a significant development in the diversity of investment funds. According to official data, there are six dollar-denominated investment funds licensed by the Financial Regulatory Authority in Egypt. "In October, we will start a new dollar fund," said Abou El Saad, noting that the maturity date of the fund will be determined in the coming period. The company has been operating since 1994, when it was known as Delta Brokerage, and has undergone several acquisitions. The latest acquisition was in 2019, when Azimut Global Holding fully acquired it. Azimut Egypt manages assets exceeding 26 billion Egyptian pounds ($534.4 million), according to its website. Abou El Saad said the new fund will coincide with the liquidation of the AZ 2025 Dollar Fund, which was launched in 2023 and has a value of around $9 million, with returns of up to 25% through its term. Azimut Egypt currently has three dollar funds with maturity dates in 2025, 2027, and 2029. According to Abou El-Saad, the total value of the three funds is approximately $45 million. Click here to read the article in Arabic.
