Executive Summary: Petrodollars, Digitization, and a Fraud Epidemic in the Making
Saudi Arabia is undergoing the most ambitious economic transformation in its history. Vision 2030 — the kingdom’s blueprint for diversifying away from oil dependency — has created the largest state-directed digitization program in the Middle East: cashless payment infrastructure, national digital identity systems, massive smart city projects, and a rapidly expanding class of digitally active consumers with growing financial assets. It has also created one of the fastest-expanding attack surfaces for fraud in the world.
In 2025 alone, AI-powered scams in Saudi Arabia surged 300%. Payment fraud losses hit SAR 1 billion (approximately $267 million USD). Ransomware attacks against Saudi organizations escalated significantly, with groups including KillSecurity, Everest Ransom, and Qilin conducting major attacks against government, financial, and healthcare institutions. The kingdom’s response — a SAR 13.3 billion ($3.5 billion USD) investment in AI-driven cybercrime defense — signals that the threat is being taken at the highest levels of seriousness.
But Saudi Arabia’s fraud landscape is not only a story about sophisticated digital attacks on institutions. It is also a story about millions of vulnerable people — the kingdom’s 13+ million migrant workers, many from Pakistan, India, Bangladesh, the Philippines, Ethiopia, and Nigeria — who are systematically targeted by job offer fraud, wage theft, and the predatory exploitation of their economic desperation.
Vision 2030 and the Digital Attack Surface
Saudi Arabia’s digital transformation has created the preconditions for a fraud surge that will continue to accelerate throughout the decade. The kingdom has:
- Deployed a national digital payment infrastructure (mada, STC Pay, and the Saudi Payments network) that now processes the majority of consumer transactions
- Launched the Absher and Tawakkalna national identity and service platforms, used by virtually every resident for government transactions
- Built a national digital identity system that increasingly underpins financial account opening, employment verification, and benefit access
- Rapidly expanded e-commerce, with Saudi online retail growing at over 20% annually
- Deployed 5G infrastructure across major urban centers, enabling high-speed digital connectivity to a population of 36 million
Each of these platforms is a fraud vector. National identity platforms are targeted for credential theft. Payment systems are targeted for interception and redirection fraud. E-commerce expansion brings counterfeit goods, non-delivery, and fake merchant fraud. Digital transformation at speed invariably outpaces the development of fraud detection and consumer protection infrastructure.
AI-Powered Scams: 300% Surge
The 300% surge in AI-powered scams documented in 2025 reflects the same global trend seen across every digitally active market — but Saudi Arabia’s combination of high smartphone penetration, a relatively young population, rapid digital onboarding, and significant individual wealth makes it a particularly attractive target.
Deepfake executive fraud has emerged as a significant threat to Saudi corporations. In these attacks, criminals use AI-generated audio or video of senior company executives to authorize fraudulent wire transfers. Saudi Arabia’s corporate landscape — dominated by large family conglomerates, state-owned enterprises, and the growing network of Vision 2030 project companies — creates ideal conditions: large organizations with complex approval chains, senior executives whose voices and appearances are accessible via public media, and significant capital flows that make individual transfer redirection highly lucrative.
WhatsApp impersonation scams — a global phenomenon — are particularly prevalent in Saudi Arabia, where WhatsApp is the dominant personal communication platform. Criminals impersonate government officials, bank representatives, telecom companies, and increasingly, contacts from the victim’s own phone book (via SIM-swap or account takeover) to solicit payments or credential verification.
Cryptocurrency investment fraud has grown alongside Saudi Arabia’s rapidly expanding retail crypto participation. Despite official restrictions on cryptocurrency as legal tender, Saudis are among the highest per-capita crypto holders in the Middle East. Fake investment platforms, pig-butchering operations, and fraudulent crypto “advisory services” target this population through social media, WhatsApp, and dating applications.
The Migrant Worker Fraud Crisis
The most numerically significant fraud problem in Saudi Arabia — by victim count if not by individual loss amount — involves the kingdom’s estimated 13 to 15 million migrant workers: the largest migrant worker population of any country in the Middle East.
Migrant workers come primarily from Pakistan, India, Bangladesh, Indonesia, the Philippines, Ethiopia, and Nigeria, attracted by wage opportunities that — despite often falling short of promises — represent multiples of what is available in their home countries. This economic vulnerability is systematically exploited at every stage of the employment cycle.
Stage 1: Recruitment Fraud
Before workers even arrive in Saudi Arabia, they are targeted by fake job offers. Criminal networks — operating through social media, WhatsApp, fake agency websites, and community networks — advertise positions that don’t exist or are materially different from what is described.
Group-IB analysts documented more than 1,000 fake domains mimicking legitimate Saudi manpower organizations, used to collect “processing fees,” application payments, and identity documents from prospective workers in South Asia and Africa. Workers pay amounts that can represent months of anticipated wages — for visas, medical examinations, training certifications, agency fees — only to arrive and find the job misrepresented, the wages lower, or the employer non-existent.
The US State Department’s 2025 Trafficking in Persons Report on Saudi Arabia documented systemic labor exploitation facilitated by the kingdom’s kafala sponsorship system, which ties migrant workers’ legal status to their employer. Workers who discover they’ve been defrauded have limited legal recourse; leaving an employer without permission can render them undocumented and subject to deportation.
Stage 2: In-Country Financial Fraud
Migrant workers within Saudi Arabia face a second layer of targeting. Many are financially unsophisticated with respect to digital banking, maintain significant savings (often remitting the majority of earnings to families), and have limited access to consumer protection resources in their native language.
Common fraud vectors targeting in-country migrant workers include:
- Fake remittance services that collect cash for “transfer” and disappear
- Loan fraud targeting workers in financial difficulty with predatory or entirely fraudulent lending schemes
- Document fraud — extorting workers for falsified paperwork needed to extend visas or change employers
- Social media investment scams in workers’ native languages, leveraging community trust networks
Stage 3: Return Fraud
Workers returning home after contracts are often targeted by fraudsters posing as Saudi government agencies requiring “clearance fees,” fake tax authorities demanding payment before departure, or criminals who have obtained their contact information through data leaks or bought it from corrupt intermediaries.
The Kafala System and Fraud Enablement
The kafala (sponsorship) system — which binds migrant workers’ residency status to a specific employer — is the structural foundation that makes fraud against migrant workers in Saudi Arabia especially difficult to remedy. Workers who have been defrauded by their employer, or who discover their job was misrepresented, face a binary choice: remain in an exploitative situation or become undocumented and risk deportation.
Saudi Arabia announced kafala reforms in 2021, allowing some categories of workers to change employers without employer consent and to exit the country without an exit visa. Implementation has been uneven, and Human Rights Watch’s December 2024 report found widespread labor abuses continuing in Vision 2030 construction projects — including workers at Carrefour sites documented by Amnesty International in 2024 as being “exploited, cheated and forced to live in squalor.”
This is not a peripheral issue. The intersection of legitimate labor migration and systematic fraud in Saudi Arabia is one of the largest-scale victimization patterns in the Middle East, measured by affected individuals.
Domestic Consumer Fraud
Banking impersonation: Saudi banks are heavily impersonated in SMS and WhatsApp campaigns. With digital banking adoption accelerating among Saudi nationals and residents, criminals send fraudulent “account security” messages that direct victims to phishing pages collecting login credentials and one-time authentication codes.
E-commerce fraud: The rapid growth of Saudi e-commerce (Noon, Jarir, and international platforms) has been matched by a growth in fake storefronts, counterfeit goods, and non-delivery fraud. Social commerce — purchasing through Instagram and Snapchat, both dominant platforms among Saudi youth — is particularly fraud-exposed.
Telecom scams: Saudi Arabia’s three major carriers (STC, Mobily, Zain) are all routinely impersonated in scam campaigns. Fake prize notifications, account security alerts, and data plan renewal scams are the most common formats.
Charity and religious fraud: Saudi Arabia’s strong culture of charitable giving — particularly during Ramadan — is exploited by fraudulent collection campaigns impersonating legitimate organizations, fabricating disaster appeals, and creating fake crowdfunding drives for non-existent beneficiaries.
Law Enforcement and Government Response
Saudi Arabia’s National Cybersecurity Authority (NCA) is among the best-resourced cybersecurity agencies in the Middle East, reflecting the kingdom’s recognition of digital security as a national priority. The SAR 13.3 billion investment announced in 2025 covers:
- AI-driven deepfake detection systems
- Advanced phishing prevention platforms
- National fraud reporting infrastructure
- Consumer awareness campaigns, particularly targeting migrant populations
- International cooperation frameworks with financial intelligence units
The Saudi Cybercrime Law (Royal Decree No. M/17, 2007, updated 2022) criminalizes phishing, identity theft, unauthorized access, and electronic fraud, with penalties including imprisonment and significant fines. Enforcement against domestic fraud actors has improved; enforcement against international fraud networks targeting Saudi residents is more limited by jurisdictional complexity.
Key Statistics
| Metric | Figure |
|---|---|
| AI-powered scam surge (2025) | 300% |
| Payment fraud losses | SAR 1B (~$267M USD) |
| Government cybersecurity investment | SAR 13.3B (~$3.5B USD) |
| Migrant worker population | 13–15 million |
| Fake domains mimicking Saudi manpower firms | 1,000+ (Group-IB) |
| Fraud detection market size (2025) | $469.9M USD |
| Projected fraud detection market (2034) | $1.99B USD |
Protecting Yourself
For migrant workers considering Saudi Arabia:
- Verify any job offer through official Saudi government channels (Musaned for domestic workers, Qiwa platform for other sectors)
- Never pay processing fees, visa costs, or training fees to a private recruiter — legitimate Saudi employers bear these costs
- Use only licensed, officially registered recruitment agencies in your home country
- Retain copies of all contracts before traveling
For residents and consumers:
- Never respond to unsolicited bank, telecom, or government messages requesting credential verification — always contact the institution directly through official channels
- Be skeptical of investment opportunities shared through WhatsApp or social media, regardless of who shares them
- Report fraud to 930 (Saudi National Cybersecurity Hotline) or through the Absher platform
Sources: CYFIRMA Saudi Threat Report · Saudi Market Research Consulting · Group-IB: Hired Hand · US State Dept 2025 TIP Report: Saudi Arabia · Human Rights Watch: Giga-Projects
