HMC warns public against health card renewal scams

Increasing phishing attempts in Qatar underline the need for heightened cybersecurity awareness.

Hamad Medical Corporation (HMC) has issued a public warning against fraudulent text messages concerning the renewal of health cards.

The advisory follows several reports of individuals receiving scam messages urging them to click on dubious links.

“We kindly request all patients and members of the public to exercise caution and refrain from opening any SMS messages sent by unverified sources. These messages may contain fraudulent or suspicious links that claim to update your personal information or health card,” HMC stated in a tweet.

The corporation clarified that official health card renewals are initiated via a text message containing a link to the official Hukoomi – Qatar’s e-Government Portal.

In Qatar, phishing attempts have escalated significantly, with detections soaring by 64% in the second quarter of 2023 compared to the first.

Phishing is a pervasive form of social engineering attack where criminals disguise emails as originating from trusted entities.

According to the 2022 Spam and Phishing report by Kaspersky, the company’s anti-phishing system blocked over 500 million fraudulent website access attempts globally last year.

These fraudulent messages often lure the recipient into clicking malicious links or downloading harmful attachments. Tactics include ‘undelivered parcel’ scams, which play on human curiosity, and deceitful alerts about unusual email account log-in activity designed to trigger concern.

Moreover, cybercriminals have been impersonating reputable banks, requesting individuals to complete Know Your Customer (KYC) verification. These emails often use manipulative language and an authentic-looking format to deceive victims.

Another strategy involves emails promising ‘free money,’ exploiting elements of human greed and curiosity. These malicious attachments are usually HTML pages that redirect victims to counterfeit pages aimed at stealing email credentials.

These methods, commonly referred to as social engineering techniques, prey on human psychology to manipulate behaviour and gain illicit access to sensitive information.