SOCRadar® Cyber Intelligence Inc. | Cyber Threats Targeting the Hajj Season


Jun 12, 2024
9 Mins Read

Cyber Threats Targeting the Hajj Season

Hajj is a religious obligation for Muslims, which must be completed at least once in their lifetime by all adults who are physically and financially able to make the trip. Due to its significance, criminals often try to scam those who simply wish to perform this sacred duty.

Each year, millions of people go on the Hajj, a profound spiritual pilgrimage, all across the world. With pilgrims coming from all over the world, nations, and social classes, the Hajj is one of the biggest and most important religious gatherings in the world. While the exact number of pilgrims varies every year, it typically hovers around two million.

This year, the Hajj season will take place from June 14 to June 19, and cyber attacks are expected to increase since the dates are approaching.

Importance of Proper Cybersecurity Measures During the Hajj Season

During the Hajj season, cyber threats mainly involve financial scams aimed at exploiting pilgrims. They may encounter phishing schemes and fake websites imitating genuine travel agencies, visa providers, or accommodation services. These scams deceive pilgrims into sharing personal details and making payments for services that don’t actually exist.

Consequently, pilgrims risk losing money or having their personal information pilfered by criminals, which can spiral into more significant issues like unauthorized access to bank accounts and other online platforms. Moreover, the sense of urgency often felt while traveling may heighten susceptibility to deception, amplifying the impact of these attacks.

In this article, we tried to create an overview of the cyber threats pilgrims may face.

Fake Hajj Companies

Fake companies presenting themselves as travel agencies, visa providers, or accommodation services present a significant cyber threat to pilgrims. They use convincing websites and advertisements, using logos and language that closely mimic legitimate organizations and pilgrims seeking to fulfill their religious duties may try to book their services. Beyond the initial financial loss, these scams can also collect sensitive information, which can be used for unauthorized bank withdrawals that may occur in the future.

Traveling has three main legs: accommodation, transportation, and nutrition. While food is not a huge source of cyber threats when you travel, booking a hotel room or buying a plane ticket means you need to click some places.

When you go online for those needs, you can see some attractive packages presented to you by criminals. While these packages can be significantly lucrative, it is always a good idea to question if something is too cheap. Otherwise, you might face a serious problem right before your departure. Checking these companies from various sources is a good way to ensure your security. You can check if they have enough comments or ratings for that website, if they are using various marketplaces for a certain amount of time, or if there is a registered company behind the website you are using. If you can’t find this company in marketplaces, you can also check the history of the domain from services like Whoxy. This way, you can see if the domain was in use for a long time or if it was just opened. While a fresh domain doesn’t mean fraudulent activity in all cases, it is best to be careful.

History of a domain from Whoxy

History of a domain from Whoxy

The same thing is also valid for visa providers. Right now, there are many companies out there that help you with complicated visa processes. While they give you peace of mind, a wrong step can cause you serious headaches in the future. Scammers can create fake services to collect fees and personal information without providing any service in return. You should be careful with the visa requirements for your country and act after that. If you must use one of these companies to take care of bureaucratic affairs for you, then you can check authorized visa companies who are more responsible for handling personal data.

You wouldn’t want to end up in the streets while you should be thinking about your religious deeds. You should be cautious of fake hotels and other types of accommodation services. Criminals may advertise appealing options that do not exist and cause financial problems for you. Always verify the authenticity of accommodation providers through various sources before booking anything.

Hajj Registration and Lottery Scams

As we mentioned earlier, many people wants to visit Hajj every year. Due to the high demand, the government initially used a lottery system to select pilgrims for Hajj. However, after facing ongoing criticism, they switched to a priority-based system. This new method aims to address concerns about fairness and accessibility, ensuring that those most in need or ready for the pilgrimage are given priority.

Malicious actors may exploit this situation by creating fake online platforms, taking advantage of people’s eagerness to secure a spot. These websites might ask for personal information, or even money, to “check” if you are eligible for selection. They can also try different methods to trick you by offering permits for you which are not going to be recognized by the official government.

Phishing Attacks

Phishing attacks are another significant cyber threat for Hajj pilgrims. Deceptive emails and text messages might flood your inbox, offering various services and opportunities. These messages can appear attractive and genuine, but it’s crucial to be cautious about which links you click.

You might receive a warning from a government official, a sale from an airline, or an offer from a travel agency to sell the last room available. While the examples are many, the malicious links have the same goal: to lead you to a fake website designed to steal sensitive information like passwords, credit card numbers, phone numbers, and personal details.

A threat actor sharing hotel visitors’ data on a dark web forum monitored by SOCRadar

A threat actor sharing hotel visitors’ data on a dark web forum monitored by SOCRadar

SOCRadar’s Dark Web News tool under the Tactical Intelligence module can show you the depths of dark web forums and Telegram channels. If you are worried that an organization’s data is available on the dark web, you can try our module to control a vast surface. Are you a legitimate service provider working with pilgrims? You can check if somebody is selling your customers’ data.

Since threat actors are sharing sensitive data of individuals on dark web forums, as presented above, you can get lots of phishing emails since hackers are now aware that you are a potential target who is interested in fulfilling your religious duty.

The religious significance of Hajj can make pilgrims particularly vulnerable to these attacks. Nobody wants to have problems with logistics instead of just focusing on their holy duties. Therefore, it’s important to stay vigilant when you see messages trying to push you to click on a link. Finding a room can be a hassle or plane tickets can be expensive. But it is important to stay cautious.

Measures You Can Take

The government is not silent against all the threats we mentioned. The National Cybersecurity Authority (NCA) of Saudi Arabia recently finished the “Cybersecurity Exercise for the Hajj Season 1445H,” in which various national entities, officials, and cybersecurity specialists participated. This exercise is part of the NCA’s goal to enhance the cybersecurity of entities with responsibilities during the Hajj season and improve their skills.

Additionally, the government is announcing its services to people so pilgrims won’t fall into criminals’ traps. The Saudi Ministry of Hajj and Umrah (MOHU) issues warnings to pilgrims. You can check their Twitter account, which is full of useful information.

A tweet by MOHU informing pilgrims about safe transactions

A tweet by MOHU informing pilgrims about safe transactions

It’s crucial to validate the company you’re working with through multiple independent sources. You can look at other reputable marketplaces to see if the company you are working with is listed, how old their profiles are, and if they have received sufficient ratings from numerous people.

For international pilgrims planning to perform Hajj, there are two options available. Firstly, you can use the Nusuk platform to make your arrangements. However, if you face any problems with that platform due to certain bureaucratic issues, you can contact your local Hajj Committee or Commission to obtain a list of licensed Hajj Group Organisers (HGOs) for 2024. This way, you can protect yourself from scammers and make your arrangements with trusted companies.


The high demand from the Muslim community for religious pilgrimages has become a lucrative target for criminals. These malicious actors exploit the needs of innocent pilgrims, posing significant threats that are categorized into three distinct areas in this text. To safeguard yourself from these dangers, staying vigilant and relying on official sources is crucial.

Following the official sources is the best option to choose if you want to protect yourself. However, SOCRadar Labs also provides free services which you can use to control certain parameters to make sure you are not an easy target for scammers.

The Phishing Radar service generates possible words from your domain name and searches those words in all domain name databases to detect domain spoofing and phishing. If you are running a legitimate business, you can test this tool with your own domain to see if there are any scammers out there trying to imitate your company.

With SOCRadar Labs’s Dark Web Report, you can find out if a company’s data has been exposed on dark web forums, black market, leak sites, or Telegram channels. Basically, you can make a search for the company you are working with in order to see if they are responsible with their security measures.

E-mail Analyzer service under the SOC Tools can detect whether an e-mail is a scam or not. Analyze your e-mails in seconds. You can download a suspicious email you got from a travel agency and test it with our tool.

SOCRadar XTI offers the comprehensive intelligence you need to shield your organization from threat actors and to have a pleasant journey.