Fraudsters are employing newer, more creative and increasingly sophisticated methods of scamming unsuspecting bank customers. This has not only pushed up instances of fraud but has also made them harder to detect.
In fact, the Central Bank of the UAE as well as a number of leading banks in the country have been issuing fraud warnings to residents, urging them to not respond to suspicious phone calls, emails or text and WhatsApp messages. Bank customers are also being warned about clicking on links and opening attachments in such emails and messages that are targeted at extracting sensitive bank account or credit card information.
However, in order to fully insulate yourself from these types of fraud, it is important to understand the nature of the scams and the means through which fraudulent firms or individuals could contact you with malicious intent. Broadly speaking, there are three ways through which scammers try to steal your bank information – Phishing (through emails), Vishing (through voice calls) & Smishing (through SMS).
Here’s how they work:
Phishing is a way to dupe people by sending them fraudulent emails pretending to be from a bank or a reputable financial company. The aim is to extract personal account information or transfer money via online transactions.
The deception lies in making the email appear as genuine and professional as possible so that the person believes its content and easily falls into the trap. The phishers usually set up a replica page of the bank and send bulk emails seeking account details, password, etc. After clicking the link, customers are redirected to the replica page where they are asked to furnish their data. Once the information is provided, the data immediately goes to scammers while the customer is redirected to the genuine website of the bank. The phishers can then use this information to steal money from your account or perpetrate identity theft, among other things.
The golden rule is to watch out for emails that appear to be from a bank with subject lines such as ‘Confirm your online account details’ or ‘Urgent Security Warning!’. Always remember that your bank will not ask for your personal banking information under any circumstances, let alone via email. In case you suspect a security breach, it is best to first call your bank and check if anything is out of place with regard to your bank account or credit card. Do not download any attachments – These could be malware.
While Phishing relies on visual deception, Voice Phishing or Vishing counts heavily on manipulation and social engineering skills to get victims to give up sensitive information.
Scammers posing as representatives of a bank or financial institution call up customers and create a false scare to make them disclose personal details of their accounts. They would usually tell customers that “suspicious” activity has been noticed on their card or that their credit/debit card has been temporarily blocked. The customers can also receive a pre-recorded message that poses as a bank’s IVR system and tries to persuade them into entering their account details such as credit/debit card number, the card’s CVV number, expiry date, etc.
Again, the only rule to avoid the scam is to not reveal anything no matter how genuine the caller may appear as your bank will never ask you to provide any information over the phone or email. If you receive a phone call asking for such information, contact your bank and report this immediately.
In smishing fraud, the scammers try to get in touch with their targets via text messages with an aim to steal personal data. A smishing scam message pretends to be an important communication from your bank and contains either a link or a phone number which serves as bait. Once you click on the link or call the number, you will get further engulfed in the scam and put yourself at risk of revealing sensitive data to fraudsters. Again, the important rule here is to ignore all such messages and avoid opening any link on your phone.