UAE Residents Trapped by Sophisticated Fake‑Invoice Scam

Dubai authorities have issued a warning after a surge in phishing emails impersonating companies such as McAfee Security and PayPal. These messages falsely claim that debit transactions of around AED 1,400 or AED 2,200 have been processed, instructing recipients to cancel the payment within 24 hours. The ruse prompts panicked victims to call a provided number, where scammers gain remote access to their computers and harvest sensitive personal and financial data.

Law enforcement agencies in the emirates highlight this scam as a sophisticated iteration of classic technical support fraud. Dubai Police reported nearly 500 arrests related to phone-based fraud last year, while Sharjah Police uncovered another gang that misused remote-access prompts to defraud residents of AED 3 million via 173 bank accounts. Cybercrime units from across the UAE have reiterated that legitimate companies never solicit remote access, issue invoices from personal accounts, or demand immediate cancellation via unsolicited calls.

Cybersecurity experts confirm that such scams operate by embedding urgency and trusted branding within fraudulent invoices. In some cases, genuine McAfee or PayPal logos are used, with phishing emails exploiting official domains like “@paypal. com” to evade security filters. Most alarmingly, McAfee Labs noted that PayPal-related phishing attempts have spiked sevenfold compared to a month earlier, indicating that cybercriminals are increasingly refining their tactics.

These email scams typically follow a multi-stage process. Victims first receive a customised invoice claiming unauthorised charges. Alarmed by the sum, recipients are directed to call a phone number that leads to a scam call centre. Once connected, scammers initiate remote access software—such as AnyDesk—using the pretext of ‘fraud prevention’, and subsequently extract bank details, personal data and in some cases install malware.

Anecdotal evidence from victims underscores the psychological impact of the scam’s design. One government employee from Dubai reported receiving an email from someone named “Jarred” bearing a McAfee invoice. Convinced that she had skipped a subscription renewal, she reached out via the provided number to cancel. Similar stories have surfaced across the UAE, often involving the extraction of remote passwords and sensitive credentials.

Authorities emphasise vigilance. They advise members of the public to verify any invoice or billing-related email by visiting official websites or contacting customer support via verified communication channels. Users should never allow remote access in response to unsolicited calls.

Globally, this scam mirrors trends seen in the UK and North America. Consumer watchdog Which? identified parallel phishing campaigns wherein emails purporting to be from McAfee or AVG warned of antivirus renewals. These messages aimed to persuade users to scan QR codes or download malicious software to seize device control. York University’s Information Security team also identified fake McAfee renewal notices that claimed subscription charges had been processed, urging recipients to call to reverse the transaction, only to be prompted for remote access.

PayPal’s system has also been exploited via its official invoice and address‑confirmation tools. Scammers can trigger legitimate PayPal alerts by entering a user’s email, bypassing email filters and lending credibility to the scam. Subsequent messages urge recipients to call fake “support” phone numbers, leading to remote-control software installation under the guise of account verification.

Security specialists recommend the following countermeasures:
Always verify invoices by logging into the official company site or app rather than interacting with email links or phone numbers.
Inspect email senders carefully to ensure they match legitimate company domains.
Avoid granting remote access or installing software when prompted by unsolicited callers claiming to represent vendors.
Register suspicious emails with relevant authorities—PayPal’s phishing email forwarding service, and McAfee’s scam reporting email addresses are official avenues.

Email marketing firms and cybersecurity analysts also note that the sharp rise in such scams reflects a broader shift by criminals towards hybrid phishing campaigns that combine urgency, trusted branding and remote access elements. Authorities across the UAE continue to intensify public awareness efforts, urging residents to scrutinise any invoices involving unfamiliar charges above AED 1,000.