Report an incident

Get 24/7 incident response assistance from our global team

Talk to sales

Just fill out the form, and our representative will contact you soon.

Join the Cybercrime Fighters Club

Please review the following rules before submitting your application:

1. Our main objective is to foster a community of like-minded individuals dedicated to combatting cybercrime and who have never engaged in Blackhat activities.

2. All applications must include research or a research draft. You can find content criteria in the blog. Please provide a link to your research or research draft using the form below.

Group-IB uncovers a Ramadan-related scam targeting Muslim mobile users worldwide

Media Center Press Releases
April 10, 2024 · 3 min to read
CERT-GIB
MEA
Scam

Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, announces today that its Cybersecurity Emergency Response Team (CERT-GIB) has uncovered a Ramadan-related scam targeting Muslims worldwide. During its investigation, CERT-GIB found that the scammers had registered 375 unique domains, mainly in the top-level domains .top, .shop, .xyz, between August 2022 and April 2024 which were dormant and had no prior content, indicating a long-term strategy to execute this scam during Ramadan. Operating under the guise of offering 60 GB of free mobile internet data at 5G speeds across a variety of telecommunications operators, the scammers aim to collect personal data and redistribute traffic further to dubious sites involving online casinos, and investment scam sites.

Screenshot of just one of the 375 web pages created by scammers targeting Muslims celebrating Ramadan

Screenshot of just one of the 375 web pages created by scammers targeting Muslims celebrating Ramadan.

With a focus on creating a sense of urgency and trust, the scammers lure victims with promises of generous internet data gifts. The scam employs social engineering tactics, leveraging cultural symbols such as those associated with Ramadan, as well as comments made by other “users” about receiving their gifts, to appear legitimate and trustworthy.

While the overall structure of the scheme resembles past scams involving quizzes and questionnaires, this iteration introduces novel elements. Instead of monetary promises, victims are enticed with specific offers of mobile data. Furthermore, redirections may lead victims to investment scam websites, adding another layer of complexity to the scheme.

The scam also employs various social engineering techniques, including creating a sense of exclusivity and urgency. Victims are encouraged to share the scam link with their contacts on WhatsApp within a limited timeframe, exploiting trust and pressure to act quickly. However, despite completing multiple steps and receiving praise along the way, victims ultimately do not receive the promised gifts. Instead, they may be directed to fill out questionnaires or provide personal information, leading to investment scam pages where they may be coerced into making deposits.

“As we continue to monitor and analyze these threats, we wish to caution everyone to be more cautious, especially during festive and cultural celebrations. By leveraging cultural symbols and social engineering tactics, these fraudsters prey on trust and urgency, ultimately leading unsuspecting victims into a web of deception. We urge users to exercise caution and verify the legitimacy of offers before sharing personal information online.”

Vladimir Kalugin
Vladimir Kalugin

Operations Director, Digital Risk Protection (DRP) / CERT at Group-IB

About Group-IB

Established in 2003, Group-IB is a leading creator of predictive cybersecurity technologies to investigate, prevent, and fight digital crime globally. Headquartered in Singapore, and with Digital Crime Resistance Centers in the Americas, Europe, Middle East and Africa, Central Asia, and the Asia-Pacific, Group-IB delivers predictive, intelligence-driven defense by analysing and neutralizing regional and country-specific cyber threats via its Unified Risk Platform, offering unparalleled defense through its industry-leading Cyber Fraud Intelligence Platform, Cloud Security Posture Management, Threat Intelligence, Fraud Protection, Digital Risk Protection, Managed Extended Detection and Response (XDR), Business Email Protection, and External Attack Surface Management solutions, catering to government, retail, healthcare, gaming, financial sectors, and beyond. Group-IB collaborates with international law enforcement agencies like INTERPOL, Europol, and AFRIPOL to fortify cybersecurity worldwide, and has been awarded by advisory agencies including Datos Insights, Gartner, Forrester, Frost & Sullivan, and KuppingerCole.

For more information, visit us at www.group-ib.com or connect with us on LinkedIn, X, Facebook, and Instagram.

Discover our podcasts to hear from leading voices on Masked Actors and Fraud Intel, where top cybersecurity experts share real-world experiences, emerging trends, and practical insights to help you stay one step ahead in the fight against cyber crime.

Read next
May 21, 2026
Group-IB Achieves AWS Financial Software Competency, Recognizing its Cybersecurity Capabilities for Global Banking, Insurance, and Payments Sectors
May 19, 2026
Group-IB partners with Coventry University Egypt to build the next generation of cyber defenders
May 19, 2026
Gartner® names Group-IB as a Representative Vendor in the 2026 Gartner® Market Guide for Cybersecurity Incident Response Retainer Services
May 18, 2026
Group-IB supports INTERPOL’s Operation Ramz, contributing intelligence to first MENA-focused cybercrime takedown
May 12, 2026
Group-IB launches Prevyn AI to bridge the gap between detection and predictive cyber defense
May 5, 2026
Group-IB named a Leader in the inaugural Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies
Go to all Press Releases →