Phishing scams increasingly target Moroccan institutions and users
Fraudulent messages impersonating official institutions are spreading across Morocco, raising concerns about the growing sophistication of cyber threats, according to an article published by government friendly outlet Yabiladi on April 13. Experts warn that these scams are becoming harder to detect and form part of a wider rise in cyberattacks targeting both public institutions and digital platforms in the country.
Many of these scams take the form of SMS messages that appear to come from trusted authorities. For example, users may receive notifications urging them to pay an alleged traffic fine or resolve an urgent administrative issue. In several recent cases, the messages falsely claimed to be sent by the National Road Safety Agency (NARSA) and the Ministry of Justice (Morocco).
Both institutions quickly denied sending such messages and warned citizens that the links included in them lead to fraudulent websites. Officials emphasised that they do not request payments or personal information through SMS links and advised users to avoid clicking on suspicious messages or sharing sensitive data such as banking details.
Cybersecurity specialists explain that the success of these scams relies mainly on psychological manipulation. Fraudsters often exploit trust by using the names of well-known institutions and create urgency through warnings about penalties or deadlines. These tactics pressure victims into reacting quickly without verifying the information. Experts also note that phishing messages have become more convincing, with professional wording and links that closely resemble legitimate websites.
To reduce risks, specialists recommend carefully checking website addresses and ensuring that official domains end with extensions such as “.gov.ma” or “.ma”. They also stress that legitimate institutions will never request confidential information, including passwords or financial details, through text messages. When in doubt, users are advised not to click on links and instead contact the institution directly to confirm the message’s authenticity.
Phishing attempts in Morocco are not limited to public services but also affect the banking sector, where scammers use fake calls, surveys and messages to obtain personal data. Experts highlight that verifying the source of a message is essential, especially if it appears outside the usual conversation thread from a bank or service provider.
Beyond individual scams, authorities are facing a broader wave of cyber threats targeting national institutions. One of the groups frequently mentioned in connection with recent incidents is JabaRoot DZ, which has reportedly carried out attacks against government bodies and digital platforms, leading to significant data leaks. These developments underline the importance of stronger cybersecurity measures and greater public awareness as digital services continue to expand.
Yabiladi, Maghrebi.org
Want to chase the pulse of North Africa?
Subscribe to receive our FREE weekly PDF magazine
