These methods are not new, but the wealth of information available to intelligence agencies from which to choose agent cover has exponentially grown, most of it provided to them by -- ourselves! The amount of information we put out about ourselves on social networks, answering those pesky e-Mail questionnaires inquiring of our likes and dislikes (then forwarding them on to everyone in our mailing list for them to answer and pass on), and answering those security questions to Internet sites, banks, free trade magazine subscriptions (the list goes on) about eye color, our first car, our freshman English teacher's dog's middle name, etc., grants people with the right access a plethora of information they may need for a successful cover identity (even our personal pictures).
Before you think me an alarmist, this concern comes with longstanding and clear precedent (to a researcher, anyway). We have to go back to 1968 and the hunt for the killer of Martin Luther King. Pre-assassination, and during his get-away attempt, James Earl Ray used a number of aliases. But as the late Philip Melanson observed in his 1989 book, The Murkin Conspiracy ("Murkin"), the use of his aliases in the time frame of the infamous crime took on a whole new look than those that he used in his "petty" criminal career.
Previously, Ray would use mixtures of names of people he personally knew. However, in apparent connection with planning the assassination and fleeing prosecution, he used names of real people who bore a strong physical resemblance to himself, who lived in a Canadian city that he had never been in (and who lived within a couple of miles of each other!), and he even sought and obtained duplicate IDs with some of these individuals' names. Just the fact alone that they bore a close physical resemblance to him (even with scars on the same sides of their faces) would give any researcher with knowledge of intelligence methods reason to red-flag Ray as more than just a petty criminal. But his primary operative cover went much deeper than that.
The personal information on Galt was believed to be in his extensive security files. Access to this information would have been limited, but easy for intelligence operatives. In some 1968 newspaper articles, a Canadian authority is even quoted that intelligence or underworld methods were being used by Ray, and that the waters were being muddied to impair the manhunt/investigation.
Today, we "wear' our personal information in so many places, we become easy prey for those who would steal more than just our names for monetary gain purposes. As Melanson postulated in Murkin, the real Galt could have been arrested early on in the investigation had his location, resemblance to Ray, and frequent travels to the southern United States become known early on in the investigation. Fortunately for him, he only became known to authorities just a matter of hours before Ray's fingerprints were finally identified by the FBI. Still, with the case against Ray and his identification by the FBI, the real Galt came under much scrutiny and suspicion.
The suspicions and accusations of involvement of intelligence personnel is well placed in this case, even though it is not proven. Of course, we as citizens would expect no less from our own American Intelligence operatives, that their involvement in any operation would not be generally known, thus not tied back to the U.S. The likelihood that it was a Mossad operation is very strong, and just as likely that it will never become publicly known.
We should desist from revealing our most obscure personal data no matter how trivial we think it to be. I would suggest using random data for answering those security questions; just be sure to keep your answers privately accessible so that you can answer those questions to an operator or Web form for resetting a password. If your first defensive resistance is that it is lying, it really is just protecting your own security. It is not like your account status/credit worthiness matters if you give a random answer, it is just that your answer in the future needs to match to prove your identity. Think of it more as just an extra password, or key word, for protection of your personal data. Besides, what can bring a smile to your face quicker than using a pet dog's name in place of a mother-in-law's maiden name!?
It is interesting how our governments are trying to secure our IDs better by making them more difficult to duplicate, but intelligence agencies and operatives will always have access to thwart/duplicate those systems. It is a wasted effort to try to make our forms of ID more secure and it ultimately just takes away more of our freedoms in the name of security. It will not secure us against those in the intelligence world seeking to use our information for their purposes, but we can stop making it so easy for them, or granting them the least significant details of our lives that could end up being the most significant evidence against us should we ever end up having our identities used by an intelligence imposter, or, heaven forbid, end up playing the ultimate role of patsy in such an operation.
I have researched intelligence methods off and on for 30 years, and the methods used in Dubai do not surprise me in the least. What is surprising is that we still associate such nefarious things with the English word, "intelligence."