Our Network

Register for our free newsletter

 
 
Latest News

How to avoid being ‘phish’ bait

How to avoid being ‘phish’ bait

Following the alarming rise in internet fraud and ‘phishing’ attacks in the Middle East, here’s some advice on protecting yourself when banking online.

April 10, 2010 11:12 by



Increasingly sophisticated bank fraud scams are making headlines across the UAE, with scores of clients duped in cons resulting in individual losses of as much as $35,000.

In one case, scores of Mashreq bank clients were snagged in ‘phishing’ attacks last December. Unsuspecting customers were presumably directed to websites they believed to be secure, divulging confidential login credentials in the process. Customers in Abu Dhabi, Dubai, and Ajman are among many who were tricked into providing confidential banking details in phony scams that purported to recharge cell phone accounts.

According to the account of one victim, Mashreq bank has denied any liability for his losses. “They’re telling me I revealed my internet password, so they won’t pay anything,” one victim was quoted as saying by The National.

The latest revelations expose alarming breaches in online banking security safeguards of regional banks, leading one analyst to suggest that the Mashreq case “demonstrates how far behind the Middle East is in information security.”

Under the banner: “Protecting your wealth is a shared responsibility,” Mashreq’s website emphasizes that “any transaction arising out of a valid Sign On using your username / password will be treated as authentic, and the bank will not liable for any loss due to unauthorized transactions in your account.”

For customers facing devastating financial losses, the question becomes whether banks are adhering to best practices in the industry.

“Middle East financial institutions need catching up!” claim Singapore-based ReadiMinds, a producer of security software products.



Pages: 1 2 3

1

Tags: , , ,

1 Comment

  1. rb on April 20, 2010 8:13 am

    A.Internet , ATM . IVR passwords must be changed frequently.

    B. SMS alerts on transactions must be subscribed to .

     

Leave a Comment