Alerts E-Threats

Ramadan-Themed Phishing, Nigerian Scams Hit Muslim Internet Users

Cyber-criminals used the start of the month of Ramadan on 20th July to launch a series of scams and spam against faithful Muslim internet users observing the fast.

Bitdefender Labs has stumbled on an increasing number of spam targeting Islamic users in the holiest month, including Nigerian-style scam offers, a barrage of sale offers and bait set out by potential identity thieves.

Here is one such example, allegedly coming from a 20-year-old woman wishing a “Happy Ramadan to you and family,” and looking for an experienced business partner:

The grammatically-challenged businesswoman promises “more informations if you indicate your interest to help” her.

In the meantime, a phishing attack crafted for Ramadan poses as a message from a bank in Hong-Kong. After wishing “Happy Ramadan,” the e-mail urges users to click on the attached document.

“Dear Friend, I am Ahmed XXXX formal Board Member of XXXX Bank Hong Kong Branch. My intention is to seek your indulgence and assistance on a share transfer. The Huge amount will be transferred into any account of your choice as soon as you reply,” the identity theft lure reads, before asking for all the info a phisher could want.

Besides the Ramadan-themed phishing and Nigerian scams, a wave of commercial spam advertising is offering everything from gastronomic delights to abayas, perfumes, legal services and PC tablets that would make an “amazing and loving Ramadan gift for kids.”

Some commercial Ramadan spam isn’t just annoying, but could be used as bait by cyber-crooks. Several commercial web sites registered on Pakistan domain .pk have received poor ratings from the Web of Trust that analyses if pages come loaded with malware, phishing, scams, or bad online shopping experiences. 

This year, Ramadan started on Friday, the 20th of July and will continue for 30 days until Saturday, the 18th of August.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

This article is based on the technical information provided courtesy of Ionut Raileanu, Bitdefender Spam Analyst.



About the author


Bianca Stanescu, the fiercest warrior princess in the Bitdefender news palace, is a down-to-earth journalist, who's always on to a cybertrendy story. She's the industry news guru, who'll always keep a close eye on the AV movers and shakers and report their deeds from a fresh new perspective. Proud mother of one, she covers parental control topics, with a view to valiantly cutting a safe path for children through the Internet thicket. She likes to let words and facts speak for themselves.


Click here to post a comment
  • now they don’t even bother to make a web page hosted on a server for filling data, send you directly a
    http file with some java scripts included for sending your data to his e-mail

    i never use on-line banking but i received letter to update my banking details :))

    my e-mail is in good hands, spammer hands :))