On the 29th of June, 2020, Dubai Police arrested the 38-year old Raymond Abbas in his Dubai home for allegedly perpetrating a $350 Million cyber scam worldwide. The Instagram influencer who popularly went by the name of “Hushpuppi” on the social media platform, had a massive reach of 2.4 Million followers. 

Dubai police raided his apartment on Thursday night while he was asleep and found $30 Million in his home. He was arrested the same night and charged for the cyber scam, hacking and money-laundering activities. By the conjoined efforts of the FBI, Interpol, and Dubai Police, 12 of Raymond’s allies were also detained for being a part of the scam. 

What Exactly Happened?

Raymond Abbas is a 38-year old Nigerian second-hand trader of clothing accessories. He conducted his business in Lagos, the capital of Nigeria. Abbas took to Instagram to project and forecast his million-dollar lifestyle and luxuries and quickly gained immense popularity of 2.4 Million followers on the platform. 

Soon, his followers became his potential victims whom he tricked to conduct the scam. Abbas, along with 12 of his faithful allies used social engineering to lure victims and launder money from their accounts. 

He and his allies spoofed email addresses of legitimate organizations and sent phishing emails to potential victims. Furthermore, he had created fraudulent web pages and websites of popular brands and companies, impersonating them to steal banking credentials of victims. 

Facts from police investigation cumulatively suggested that:

• He was accused of attempting fraudulent activities in Europe, Nigeria, and America.
• 2 million email addresses belonging to victims were found on the dozens of electronic devices present in his Dubai home.
• 150 Million dirhams ($30 Million) in cash was confiscated from his house by the police. 
• More than a dozen luxury cars and suitcases stashed with cash money were seized from him during detainment. 

Is Lack of Cyber-Awareness a Reason Behind Cyber Scam?

The answer is, yes. If potential victims of Raymond were a bit more aware and alert about impending cyber attacks and social engineering tactics, they wouldn’t have fallen prey to his tactics. It is important to realize that not everything you see on social media is authentic information. 

While someone’s life can appear to be filled with glam and glitz on social media, the reality might be far from that. Besides this, detailed insight on cyber attacks is imperative to avoid being scammed in the future. 

Here are some pointers to avoid such cyber scams: 

1. It is always advisable to not respond to emails sent from unfamiliar or unknown sources.
2. Don’t be lured by offers that are too good to be true. 
3. Always make sure the email is sent from a valid IP address.
4. Check for errors in the main domain or subdomain of the email address to see if it is a phished ID.
5. Watch out for grammatical errors and make sure the mail has a relevant subject.
6. Hover over hyperlink sections to see whether the URL is redirecting you to the desired page. 
7. Make sure all the hyperlinked sections on the webpage are functional.
8. Don’t submit your personal data or banking credentials on unsecured websites.
9. Don’t submit your official details on external pages.

Cyber Security Solution to Ensure Safety in Organization

Security experts must make sure that the employees are aware of impending cyber threats. Employees may fall prey to similar types of cyber scams and disclose their corporate credentials on a phishing website. Therefore, to prevent such incidents, it is essential to enforce cyber security solutions in the organization.   

Moreover, email is the primary source of communication for every organization. Apart from providing security awareness training to employees, it is highly important to secure the organization’s email domain from email spoofing and BEC attacks.

Secure your organization’s email domain by implementing authentication protocols with the help of KDMARC. This tool helps in the implementation of email authentication standards such as DMARC in alignment with SPF and DKIM to not only defend your email domain against the ever-evolving email-based attacks but also to protect your brand reputation, customer base and business.

Here are the top 6 benefits of instituting KDMARC in your organization:

1. Identifies all the top sources abusing your domain.
2. Prevents email spoofing by 100%.
3. Mitigates email-based cyber attacks.
4. Gives full insight into your email channel.
5. Improves email deliverability rate and boosts email engagement.
6. Provides you with periodic email domain threat analysis reports.

About The Author

Pavan Kushwaha

Founder and CEO at Kratikal

See author's posts