Your CV Is a Hacking Target: What Cairo's Workers and Job Seekers Need to Know Now
From fake LinkedIn recruiters to phishing job offers, digital threats targeting Egyptian professionals are rising fast, and most workers have no idea.
From fake LinkedIn recruiters to phishing job offers, digital threats targeting Egyptian professionals are rising fast, and most workers have no idea.

Egyptian job seekers are handing over their most sensitive personal data to strangers every day, and cybersecurity experts say the vast majority have no idea how dangerous that has become. A resume sent to a fraudulent recruiter contains a national ID number, a home address, a phone number, a work history, everything an identity thief needs. The threat is not theoretical. Egypt's Computer Emergency Response Team (EG-CERT) logged a 34 percent increase in phishing incidents targeting individuals during the first quarter of 2026 compared with the same period last year.
The timing matters because the Egyptian job market is moving faster than ever onto digital platforms. LinkedIn, Wuzzuf, and Forasna now process millions of applications monthly. The Cairo-based startup ecosystem, concentrated around the Greek Campus in Downtown and the tech clusters of Smart Village on the Cairo-Alexandria Desert Road, has normalised the idea that an entire hiring process, application, interview, offer, can happen without anyone meeting in person. That convenience is exactly what fraudsters exploit.
The most common attack is straightforward. A fake recruiter creates a convincing company profile, posts a legitimate-sounding role in, say, fintech or software development, and waits. Applicants who respond receive a request to fill in an online form, ostensibly for background screening, that harvests their Egyptian national ID number and bank account details. Some variants push malware-laced PDF attachments disguised as employment contracts. Security researchers at Trend Micro documented a campaign in March 2026 that specifically targeted Arabic-language users on LinkedIn, deploying a credential-stealing trojan through a fake offer letter PDF.
Freelancers are particularly exposed. Egypt has an estimated 4.5 million registered freelancers according to figures from the Ministry of Communications and Information Technology, and many work entirely through direct messaging on platforms with minimal verification. The Cairo co-working spaces where many of them operate, including Rasheed 22 in Heliopolis and Workplace by EWA in Zamalek, provide fast Wi-Fi but no protection against what employees do on it. Connecting to unsecured networks while handling client contracts or payment details is standard practice, and standard risk.
Professionals climbing the corporate ladder face a different variant of the same threat. Spear-phishing, targeted attacks using personalised information scraped from public profiles, is increasingly aimed at mid-level managers at Egyptian firms. A message that references a real colleague's name, a recent project, or a conference the target actually attended is far more convincing than a generic scam. The Egyptian Banking Institute ran awareness sessions for more than 1,200 banking sector employees in the first half of 2026, a sign that financial institutions are treating the problem as urgent.
The practical steps are specific. Before submitting any application, verify the company's commercial registration number through the Egyptian Companies Registry, accessible via the Ministry of Investment portal. A recruiter asking for a national ID number before a first interview is a red flag, legitimate Egyptian employers do not need that information at the application stage. Use a dedicated email address for job applications, separate from personal and banking correspondence, so a compromised account does not cascade into financial damage.
Two-factor authentication should be active on every professional platform. WhatsApp, which Egyptian recruiters use heavily, offers two-step verification in settings, fewer than 20 percent of users enable it, according to a 2025 survey by digital security firm Kaspersky covering the Middle East and Africa region. On public or shared Wi-Fi, a VPN is not optional; it is the minimum reasonable precaution. Several Egyptian providers, including local ISP TE Data's security packages, now bundle basic VPN access with business subscriptions starting at around 450 Egyptian pounds per month.
EG-CERT operates a public hotline and an online reporting portal at egcert.eg where workers can flag suspicious job offers or phishing attempts. The National Telecom Regulatory Authority also accepts fraud reports and has the authority to order platform takedowns of verified scam accounts. Using those channels is not bureaucratic overhead, it is how the threat map gets updated, and how the next person avoids the trap.
How does this story make you feel?
Spread the word
About this article
Published by The Daily Cairo
Daily brief
Free, in your inbox before 7am. Weekdays.
More in tech