A new report from CloudSEK warns of a significant rise in scams exploiting the generosity and charitable spirit of Ramadan. Cybercriminals are using deceptive tactics to target individuals and organizations, employing fraudulent donation requests, fake giveaways, and cryptocurrency schemes.
The report highlights the increasing trend of Ramadan-related crypto, e-commerce, and donation scams. “Cybercriminals are exploiting this sacred period to launch targeted crypto scams, preying on the goodwill of individuals and organizations,” the report states.
Crypto Scams and Fake Giveaways
The lure of free cryptocurrency is a key tactic used by cybercriminals during Ramadan. Scammers launch deceptive schemes disguised as giveaways and airdrops to entice victims.
One example highlighted in the report is a website called “RamadanAI” that promised users prizes of value worth 0.03 and 0.10 Solana for connecting their Phantom Wallet and completing various quests. These quests included tasks like tweeting an inspiring quote, following an account, praying with intent, and reading a Surah from the Quran.
The report details how these scams exploit religious devotion by blending spirituality with financial incentives. “This scam capitalizes on religious devotion by blending spirituality with financial incentives,” the report explains. “It presents users with a gamified reward system, encouraging them to complete faith-based actions such as prayer, Quran recitation, and sharing religious quotes, under the guise of earning cryptocurrency.”
Wallet Draining and Phishing
The ultimate goal of these scams is often to gain access to users’ crypto wallets. Users are enticed to connect their wallets to receive promised rewards, which is where the real attack occurs.
The report warns of several methods used to steal funds:
-
Malicious smart contracts can drain users’ funds once connected.
-
Phishing attempts may request private keys or seed phrases.
-
Approval scams trick users into unknowingly granting unlimited spending access to the scammers.
Promotion of Fraudulent Tokens
The report also highlights the promotion of new Ramadan-themed tokens on platforms like X (formerly Twitter). Scammers create accounts to boost the promotion of these tokens, often using verified ticks to appear legitimate.
“The rapid rise of memecoins and fake tokens, often created under the guise of supporting a cause, highlights a significant regulatory gap in the crypto space,” the report notes. “Unlike traditional financial instruments, these tokens can be launched with little to no oversight, allowing bad actors to exploit public sentiment for profit.”
E-commerce Scams and Fake Giveaways
In addition to crypto-related scams, the report details a rise in fake e-commerce websites and fraudulent giveaways during Ramadan.
Scammers create fake online advertisements for Zakat assistance, as well as fake listings for luxury goods, abayas, and other products, often at discounted prices. Victims often receive substandard or counterfeit products, or nothing at all, after making payments.
The report also found instances of fake data pack giveaways for phone users, circulated across Facebook, targeting users in the Philippines and the Middle East.
Protecting Against Ramadan Scams
CloudSEK’s report emphasizes the need for increased vigilance and awareness to combat these scams. “The increasing sophistication of these frauds calls for a proactive approach, combining public awareness, stronger cybersecurity measures, and collaboration between financial institutions, retailers, and law enforcement,” the report concludes.
Individuals are advised to verify sources, be cautious of deals that seem too good to be true, and adopt secure online practices to protect themselves from falling victim to these deceptive schemes.
