Real Case Study: Qatar Banking Scam

How a Scammer Almost Robbed an Engineer in Qatar as Magrobbi 🇲🇦

Understanding the sophisticated social engineering attack that nearly drained a victim's bank account. This scam came dangerously close to succeeding. Learn the exact method so you can protect yourself and others.

⚠️ Critical Point: The One Rule That Saved This Victim

The victim refused to share the OTP code. Banks and legitimate services NEVER ask for OTP codes. Your verification code is yours alone. The victim's Microsoft SC-100 Cybersecurity Certification taught them this simple rule—and it prevented financial loss.

✓ How The Victim Endured:

After 16 minutes of intense persuasion, the scammer failed to convince the victim to share the OTP. The victim's knowledge and refusal left the scammer with no choice but to hang up—a hard swallow for an attack that came so close to succeeding.

The Attack Method Explained

A detailed breakdown of how the scammer exploited trust and technology to execute the theft

Phase 1: Intelligence Gathering

Intelligence Gathered During Interview

This data was obtained during a Microsoft Teams interview meeting with Sejel Technology Co. Ltd, the company the victim had offered to sign with the day before. The scammer had access to the victim's sensitive information because he was part of the leadership of Sejel Tech, with HR completely unaware:

  • QID Number (Qatar ID)
  • IBAN (Bank Account Number)
  • Phone Number - Not the one registered with the bank, but the victim's personal contact number

The scammer bet the victim might receive the OTP on this number or another number on the same device. The victim had a second number within the same iPhone, which was registered with the bank—this became the source of the OTP authentication.

[Image: Microsoft Teams interview call. Sensitive info leaked during the call: the scammer gathered QID, IBAN, and phone number.]

Phase 2: Social Engineering Call

The Fake Bank Manager Call

The scammer made a phone call claiming to be a manager named Mohammed Ahmed at the victim's exact bank (e.g., Doha Bank). He told the victim that the bank had heard he was leaving Qatar and wanted to perform a money laundering verification.

What the scammer said:

"Hi, this is Mohammed Ahmed from Doha Bank. We heard you are leaving Qatar and we need to do a money laundering verification on your account. I'm here to help secure your account."

Why this worked: By knowing the victim's phone number, QID, and IBAN, plus the leaving-Qatar detail, the scammer built instant credibility. The victim thought the bank had called them.

[Image: fake Qatari call. Incoming call from Ooredoo Qatar, caller shown as "Mohammed Ahmed - Doha Bank".]

Duration: 16 minutes

Ended by: Scammer (hung up)

How The Victim Escaped:

The victim refused to share the OTP. Thanks to their Microsoft SC-100 Cybersecurity Certification, the victim knew that legitimate banks never ask for OTP codes under any circumstances.

After 16 minutes of intense persuasion with illogical arguments, the scammer could not convince the victim to hand over the code. The victim's refusal left the scammer with no way forward.

The scammer had no choice but to hang up the call himself, a hard swallow for the attacker after investing so much time and effort. (One of the hardest spiritual swallows.)

Caller ID Spoofed to appear as a local Qatari Ooredoo number

✓ The victim's cybersecurity knowledge saved them from financial loss

Phase 3: The Fake Registration


The scammer instructed the victim: "We will do a register on the official National Address Database for you"

What the victim didn't know: The scammer directed HIMSELF to this official-looking website:

https://www.nas.gov.qa/self-service/register/select-user-type

The setup (all performed by the scammer): The scammer already inputted an email address of his own (could be random), and then:

  1. The scammer's email was already entered on the form
  2. The scammer entered the same random email again for confirmation
  3. The scammer entered the victim's actual phone number

Critical Detail: When the scammer submitted the form with the victim's phone number, the OTP was sent to the victim's phone. The scammer had this registration screen displayed on his own computer and could see the OTP submission process in real-time.

The Psychological Manipulation:

Before performing the registration, the scammer told the victim: "We will send you an OTP and you need to keep it safe and don't share it with me."

This created a false sense of security. The victim believed they were protecting something crucial, when in reality they were being primed to immediately share that exact OTP in the next phase as "money laundering verification."

Phase 4: The Final Theft

The Ooredoo Money Account Takeover (Almost Successful)

This is where the scammer almost drained the victim's bank account via Ooredoo Money. The attack was nearly completed.

The scammer used the victim's bank information with Ooredoo Money to gain access and attempt the theft:

  • Access the victim's Ooredoo Money account using their IBAN and QID
  • Initiate a deposit/transfer from the victim's BANK ACCOUNT to the scammer's target account
  • Request the OTP code from the victim under the guise of "money laundering verification" - AFTER asking them to keep the tawtheeq code safe

The Final Con:

"Please provide the verification code for the money laundering check. The tawtheeq code you kept safe is for your protection."

The intended outcome: the victim provides the OTP, thinking it's for the fake tawtheeq registration, but it actually confirms the bank transfer.

[Image: Ooredoo Money app, account takeover interface. Caption: Ooredoo Money Interface - Gateway to Nearly Drain Account]

When the victim almost shared the OTP, the scammer was ready to execute the transfer from the victim's bank account to his own. The attack was nearly successful.
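The con in Phases 3 and 4 depends on an OTP that does not say what it approves, so a code for a transfer can be passed off as a code for a registration. The sketch below is an added example, not code from this page or from any bank or wallet named on it: it shows an issuer that binds each code to one exact action and names that action in the SMS. The function names, phone number, amount and payee are constructed for illustration.

```python
import hmac
import secrets
import time
from dataclasses import dataclass


@dataclass
class Challenge:
    code: str
    action: tuple          # (purpose, amount, payee) the code was issued for
    expires: float
    attempts_left: int = 3


PENDING = {}  # phone -> Challenge; in-memory store, enough for the demo


def sms_text(code, purpose, amount, payee):
    """Name the action before the code so the recipient sees what it approves."""
    if purpose == "transfer":
        action = f"TRANSFER of {amount} to {payee}"
    else:
        action = f"{purpose} (no money is moved)"
    return f"{action}. Code: {code}. Never read this code to a caller."


def issue(phone, purpose, amount="", payee="", ttl=120, now=None):
    """Create a one-time code bound to one exact action; return the SMS body."""
    now = time.time() if now is None else now
    code = f"{secrets.randbelow(1_000_000):06d}"
    PENDING[phone] = Challenge(code, (purpose, amount, payee), now + ttl)
    return sms_text(code, purpose, amount, payee)


def confirm(phone, code, purpose, amount="", payee="", now=None):
    """Accept the code only for the action it was issued for, once, before expiry."""
    now = time.time() if now is None else now
    ch = PENDING.get(phone)
    if ch is None or now > ch.expires or ch.attempts_left <= 0:
        PENDING.pop(phone, None)
        return False
    ch.attempts_left -= 1
    ok = ch.action == (purpose, amount, payee) and hmac.compare_digest(ch.code, code)
    if ok:
        del PENDING[phone]  # single use
    return ok
```

With this design the message for a transfer opens with the amount and payee, which contradicts a caller's claim that the code is only a "verification".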

The Attack Timeline

From initial contact to account drain in just minutes

Minute 1

The Call

Scammer calls posing as bank manager, mentions they know victim's account details

Minute 2-3

Registration Setup

Victim is guided to register on official government website (nas.gov.qa)

Minute 4-5

OTP Request

Victim receives OTP for "verification", scammer asks for the code

Instant

Account Drained

OTP code unlocks the Ooredoo Money transfer, account balance goes to zero

Critical Point: The victim REFUSED to share the OTP code. Banks and legitimate services NEVER ask for OTP codes. Your verification code is yours alone.

Critical Warnings

Red Flags to Recognize

Learn to spot the warning signs that indicate a scam attempt

Banks Never Call First

Legitimate banks don't initiate security calls. If they do, hang up and call the bank directly using the number on your card.

🚨 CRITICAL

Knowing Your Account Details

A "bank manager" knowing your QID, IBAN, and phone doesn't prove legitimacy. This information can leak from many sources.

🚨 CRITICAL

OTP is Confidential

Never share OTP codes via phone, email, or any communication. A bank will NEVER ask you for it.

🚨 CRITICAL

Urgency and Pressure

Scammers create urgency: "Act now!", "Your account is at risk!", "Do this immediately!". Take time to verify.

⚠️ HIGH RISK

Multiple Verification Steps

The scammer had the victim register on a legitimate-looking government website before attempting to steal. This created false trust and nearly resulted in account drain.

⚠️ HIGH RISK

Money "Verification" Claims

Statements like "anti-money laundering verification" or "money laundering check" for codes are red flags. This scam nearly worked because the victim almost believed it.

⚠️ HIGH RISK

Asking You to Keep Secrets

If someone says "don't tell your bank" or "keep this conversation private", they're a scammer.

⚠️ HIGH RISK

Too-Good-to-Be-True Offers

Rewards, refunds, or unexpected benefits that require your verification codes are scams.

⚡ MEDIUM RISK

What to Do if You Receive a Suspicious Call

  1. Hang up immediately. Don't continue the conversation.
  2. Never share codes - OTP, verification codes, or any numeric codes.
  3. Call your bank directly using the number on your card or official website.
  4. Report the scam attempt to your bank and local authorities.
  5. Monitor your account for unauthorized transactions.

How to Protect Yourself

Comprehensive strategies to prevent becoming a victim of financial fraud

Protect Your Personal Data

  • Never share QID, IBAN, or passport numbers via phone or email
  • Use strong, unique passwords for all financial accounts
  • Enable two-factor authentication on all important accounts
  • Regularly check your credit report for unusual activity

Bank Security Best Practices

  • Your bank will never ask for OTP codes over the phone
  • Always verify calls by hanging up and calling the bank directly
  • Use official banking apps only (download from official stores)
  • Keep your banking app and phone updated with latest security patches

Verify Before You Act

  • If a "bank" calls, hang up and call your bank using the number on your card
  • Check your bank statements regularly for unauthorized transactions
  • Never click links in suspicious emails or texts from your bank
  • Visit the official website directly instead of using provided links

Stay Alert & Informed

  • Enable SMS alerts for all bank transactions
  • Subscribe to fraud alerts from your bank
  • Educate friends and family about common scam tactics
  • Report suspicious activity immediately to your bank

For Businesses & Organizations

  • Train employees on social engineering and phishing attacks
  • Implement strict protocols for sharing sensitive information
  • Use multi-factor authentication for all accounts
  • Conduct regular security audits and vulnerability assessments

If You've Been Scammed

  • Contact your bank immediately and freeze the account
  • File a police report with details of the scam
  • Report to Central Bank of Qatar (CBQ)
  • Monitor your accounts closely for 6-12 months

Key Takeaway for Engineers & Tech Professionals

Tech professionals are high-value targets for scammers because they often have:

  • Higher bank balances
  • Better security awareness (may underestimate social engineering)
  • Information available in leaked datasets from major breaches
  • Professional trust in legitimate-sounding authority figures

Don't let technical expertise make you complacent about financial security.

Emergency Contacts (Qatar)

Central Bank of Qatar (CBQ)

+974 4413 3333

Qatar Police

999

Your Bank's Security Line

Use the number on the back of your card or official website

Report fraud immediately. Every minute counts.

Share This Knowledge

Help Protect Your Community

This scam is actively targeting professionals in the Middle East. By sharing this information with friends, family, and colleagues, you can help prevent others from becoming victims.

⚠️ Critical Warning: Don't trust even people running umrah/hajj systems and wearing kandura. Scammers impersonate anyone to gain your trust.

Share This Case Study With:

👥 Your Network

Friends and family who use banking apps

🏢 Your Workplace

Colleagues and HR teams for security training

🎓 Communities

University groups and professional networks


Resilience Outcomes

From a moment of vulnerability came extraordinary growth and achievement

Financial Resilience Through Strategic Investment

Rather than succumbing to the attempted theft, the victim leveraged their protected financial security to build something meaningful. They invested strategically to sustain an Airbnb venture, transforming a moment of near-loss into a foundation for sustainable income and entrepreneurial growth.

Professional Achievement & Government Recognition

Through persistence and integrity, the victim earned a comprehensive professional contract stamped and verified by prestigious institutions:

  • Saudi Ministry of Foreign Affairs - Governmental endorsement
  • Chamber of Jeddah - Commercial chamber certification
  • HRSD & HR Department - Human resources and labor ministry approval

Legal Documentation & Visa Success

The victim systematically renewed and fortified their legal documentation across government systems, enabling a seamless transition:

  • Renewed legal documents across multiple government systems
  • Successfully obtained an official work visa
  • Secured travel documentation and passage

Spiritual Fulfillment

In the ultimate expression of resilience and faith, the victim completed the sacred journey—performing Umrah with clarity of purpose and grateful heart. What began as a threat became a testament to the power of knowledge, determination, and spiritual grounding.

This is the true measure of resilience: not merely surviving an attack, but thriving in its aftermath.
