By 
As millions around the world observe Ramadan, a sacred time of reflection and generosity, cybercriminals are exploiting this period with an alarming rise in cryptocurrency and e-commerce scams. CloudSEK, a provider of AI-driven cybersecurity solutions, has released an in-depth report exposing how fraudsters are deceiving individuals and organizations under the guise of charity and investment opportunities.
Ramadan is synonymous with goodwill and charitable donations, making it a prime target for malicious actors. Cybercriminals are leveraging religious sentiments to trick unsuspecting donors and investors into fraudulent schemes, draining digital wallets, and stealing sensitive financial information. CloudSEK’s latest research has uncovered a surge in scams using social engineering tactics to exploit trust. One of the most concerning trends is the emergence of ‘Ramadan AI’, a deceptive platform falsely promising crypto rewards to those who engage in faith-based activities.
Key findings from CloudSEK’s investigation:
- Fake Ramadan Crypto Giveaways: Fraudulent websites are enticing users with the promise of free cryptocurrency in exchange for connecting their wallets, ultimately leading to fund theft through malicious smart contracts.
- Manipulation Through Religious Sentiments: Scammers have introduced “Earn While You Worship” programs, encouraging users to participate in religious acts such as prayer and Quran recitation in exchange for digital currency, creating a dangerous gateway for financial exploitation.
- Deceptive Social Media Tactics: Over 15 newly created accounts on X (formerly Twitter) have been promoting dubious Ramadan-themed tokens ($RMDN, $RAMADAN, $SABR, and $DOZERAMZAN), misleading users into buying volatile and potentially fraudulent investments.
- Fraudulent E-Commerce Websites: Cybercriminals are operating fake online stores, particularly targeting Ramadan shoppers with deep discounts on cultural attire. Victims often receive counterfeit goods—or nothing at all.
- Zakat and Charity Scams: Fake donation campaigns, falsely claiming to represent legitimate Islamic charities, are tricking generous individuals into transferring funds to fraudulent accounts.
- Fake Mobile Data Giveaways: Over 50 newly registered domains with “.top” and “.xyz” TLDs have been associated with fraudulent Ramadan data giveaway campaigns, primarily targeting telecom users in the Philippines and the Middle East.
“These scams are not just isolated incidents; they represent a massive, coordinated effort by cybercriminals to exploit religious generosity on a global scale. The sheer volume of fraudulent crypto projects, fake charities, and deceptive e-commerce operations detected this Ramadan highlights a deeply concerning trend. With over 50 fake domains identified, we urge users to exercise extreme caution when making donations or investing in Ramadan-themed tokens,” Noel Varghese, Threat Researcher, CloudSEK.
CloudSEK warns that these scams not only pose a financial risk but also damage trust in genuine charitable efforts. The report underscores the urgent need for heightened awareness, stronger regulations, and responsible digital behavior to prevent unsuspecting individuals from falling victim to these schemes.
How to stay safe:
- Verify Charitable Organizations: Only donate to established charities by checking their official websites and verifying their credentials before making contributions.
- Be Wary of Unrealistic Offers: If an investment or giveaway appears too good to be true, it likely is. Avoid offers promising large crypto rewards with minimal effort.
- Protect Your Crypto Assets: Never connect your crypto wallet to unverified platforms or share sensitive information, such as private keys or seed phrases.
- Scrutinize Social Media Promotions: Avoid engaging with newly created accounts aggressively promoting crypto giveaways and investment schemes, particularly those leveraging religious themes.
Comments