Deepfake Ceos, Fake Suppliers, AI Phishing: Scams UAE Businesses Need To Watch Out For

2026-06-01 04:27:15

(MENAFN- Khaleej Times) Artificial intelligence is making cyber scams more convincing than ever, and UAE businesses are increasingly finding themselves in the crosshairs.

A new global study by insurer QBE found that 21 per cent of UAE organisations experienced an AI-linked cyber incident over the past 12 months. While that figure is lower than the global average of 29 per cent, cybersecurity experts warn that the sophistication of AI-powered scams is rising rapidly.

Stay up to date with the latest news. Follow KT on WhatsApp Channels.

Recommended For You US military disables Gambia-flagged ship attempting to reach Iranian port

According to Sam Tayan, Regional Vice President for META at cybersecurity firm Illumio, today's most dangerous attacks often look indistinguishable from legitimate business activity.

"AI-powered scams are getting harder for businesses in the region to spot because they no longer look like scams. They look like business as usual," he said.

Among the most common threats facing UAE businesses is AI-powered phishing. Unlike traditional phishing emails that were often riddled with spelling mistakes and poor grammar, AI-generated messages are polished, personalised and capable of mimicking the writing style of trusted contacts.

The scale of the problem is significant. According to Illumio, AI-powered phishing now accounts for more than 90 per cent of digital breaches in the UAE, while phishing incidents increased by 32 per cent during the first quarter of 2026.

Another growing threat is business email compromise, where cybercriminals impersonate suppliers, partners or executives to trick employees into making payments or sharing sensitive information. AI has made these attacks far more believable by helping fraudsters create convincing emails, invoices and supporting documents.

Deepfake fraud is also emerging as a major concern. Criminals can now use AI-generated voices to impersonate company executives over the phone or in voice notes. A manager may receive what appears to be a legitimate request from a senior leader asking for a fund transfer, confidential information or a one-time password.

The danger is that the voice sounds authentic enough to bypass suspicion.

Human resources departments are facing a different challenge: synthetic job candidates. AI tools can create realistic identities, resumes and even live video interview appearances. In some cases, businesses may unknowingly hire individuals who are not who they claim to be.

Procurement and finance teams are also being targeted through AI-generated invoice and contract fraud. Fake documents can closely resemble genuine supplier paperwork, making it easier for criminals to redirect payments or manipulate purchasing processes.

What makes these scams particularly dangerous is the disappearance of traditional warning signs.

"Things like poor grammar, awkward phrasing and generic wording used to give these attacks away," Tayan said. "Now messages are well written, localised and timed to fit real business activity."

The QBE report also found that many organisations may not be fully prepared to respond. Nearly one-third of UAE businesses surveyed do not have cyber insurance, while 27 per cent lack an incident response plan.

Experts say companies should assume that some attacks will succeed and focus on limiting the damage. Strong verification procedures, multi-factor authentication, employee awareness training and tighter access controls can help reduce risk.