CloudSEK Logo
October 31, 2023

Phishing in the Oasis: Investigating the 2 year real estate data harvesting campaign targeting the Middle East

At CloudSEK we have been monitoring the increment of data harvesting scams occurring in the Middle East market.One of the most affected markets is real estate due to increase of interest from foreign investors/oligarchs due tothe ever changing geopolitical situation of the world. Threat Actor groups understand this fact and love to capitalize on that. What we have been monitoring is thecomplete cycle of trade that has happened around illegal trade of data of leads/PII information even sortednationality wise of people who are interested in buying properties in the Middle East.

This is not the first time a scam has erupted in the Middle East specially in prime Real Estate markets like the UAE,Qatar, Saudi Arabia etc. The sheer scale at which this scam has been operating is what makes it different from theearlier campaigns that have occurred in the middle east.

This whitepaper aims to uncover a trend in the market and make people aware, to understand the scale of this campaign and its rampant increase refer to the following numbers

  • We analyzed close to 6100 suspicious domains created in the last 5-6 years
  • We shortlisted about ~3500 domains most of which were registered in the last 2 years namely from 2021-2023
  • These domains were shortlisted based on a number of factors some of them are Domain name similarity to popular properties in the Middle East, Registrant Email, JARM hash, similar templates being used as well as phone numbers etc.

Authors & Contributors

Anirudh Batra
Threat Analyst at CloudSEK
Downloadable Report

Download the Report

Download the report by clicking below.
The Download will start immediately.
Download Now
Schedule a Demo

Join our newsletter

Sign up so that you don't miss any updates from us

Phishing in the Oasis: Investigating the 2 year real estate data harvesting campaign targeting the Middle East

Explore CloudSEK's in-depth analysis of the escalating data harvesting scams targeting the Middle East's real estate sector, driven by increasing interest from foreign investors amidst global geopolitical shifts. Our whitepaper unveils the extensive illegal trade of lead and PII data, categorized by nationality, for those interested in Middle Eastern properties.

Download ReportSchedule a demo

At CloudSEK we have been monitoring the increment of data harvesting scams occurring in the Middle East market.One of the most affected markets is real estate due to increase of interest from foreign investors/oligarchs due tothe ever changing geopolitical situation of the world. Threat Actor groups understand this fact and love to capitalize on that. What we have been monitoring is thecomplete cycle of trade that has happened around illegal trade of data of leads/PII information even sortednationality wise of people who are interested in buying properties in the Middle East.

This is not the first time a scam has erupted in the Middle East specially in prime Real Estate markets like the UAE,Qatar, Saudi Arabia etc. The sheer scale at which this scam has been operating is what makes it different from theearlier campaigns that have occurred in the middle east.

This whitepaper aims to uncover a trend in the market and make people aware, to understand the scale of this campaign and its rampant increase refer to the following numbers

  • We analyzed close to 6100 suspicious domains created in the last 5-6 years
  • We shortlisted about ~3500 domains most of which were registered in the last 2 years namely from 2021-2023
  • These domains were shortlisted based on a number of factors some of them are Domain name similarity to popular properties in the Middle East, Registrant Email, JARM hash, similar templates being used as well as phone numbers etc.