Allan Jacob (ABU DHABI)
A surge in sophisticated cyber threats by imposters has prompted UAE banks to raise their guard to protect customers’ accounts. With more residents turning digital natives, users are being urged to be alert with their money online as they use a network of digital systems across various sectors of the economy.
Banks in the country have raised threat levels as fraudsters get craftier, and have urged residents to take precautions when they go online for buying or selling or transferring funds. In messages sent to customers recently, Emirates NBD and Mashraq Bank asked them to be vigilant before clicking on links from unknown sources.
“Fraudsters often send you malicious web links in messages pretending to be from genuine entities such as your bank, government entities, courier companies etc. “Never click on such links, and always check merchant name and amount while doing an online transaction using an OTP,” said Mashreq Bank. Cyber crooks are getting smarter, and banks like Emirates NBD are informing customers of their modus operandi.
Fraudsters are now “posing as ICP/government officials”, it warned customers. Customers are being asked by imposters to reset their passwords via ICP/ICA or even the UAEPASS. Some are being asked to change their email passwords and OTPs, the bank said.
“Do not comply. Stay vigilant,” urged the bank.
With electronic transactions ensuring speedier delivery of government and retail services, the risks are also rising manifold, experts have opined. E-commerce is thriving in the UAE, and is expected to grow from $7 billion to $17 billion by 2025, according to some reports, and seamsters are on the prowl and fine-tuning their ability to defraud unsuspecting customers.
Rana Muhammad Saud Khalid, Group Chief Risk Officer at Ajman Bank, said the bank is taking no chances when it comes to digital security but customers also have a role to play in keeping their financial information safe. “We employ state-of-the-art security measures, including advanced encryption, continuous monitoring, and regular system updates, to safeguard our customers’ data against unauthorised access,” she added.
However, security is a shared responsibility, and it is “imperative that both the bank and customers remain vigilant against the evolving tactics of cyber criminals”. The bank requires its clients to regularly update passwords and ensure they are strong and unique, while avoiding sharing sensitive information over unsecured or public Wi-Fi networks. It is also important to watch out for phishing emails or suspicious links, and enabling two-factor authentication whenever possible.
“Education on the latest cyber security threats is also crucial, which is why Ajman Bank provides resources and alerts to keep our customers informed and one step ahead of cyber crooks,” she explained. At the regulatory level, cyber security is a work in progress, according to experts and analysts.
“Compliance and regulation remain the strongest multipliers for cybersecurity growth. The proliferation of technology has greatly increased organisational exposure to complex cyber risks, while the surge in e-commerce and digital banking across the Middle East has generated a heightened need for security,” said Parminder Kaur, Director and Head of Security Advisory, MEASA, Frost & Sullivan.
The rapid proliferation of technology has “greatly increased organisational exposure to complex cyber risks, while the surge in e-commerce and digital banking across the Middle East has generated a heightened need for security”, she said.
Meanwhile, banks are expanding their awareness campaigns on the growing security risks online. There have been several incidents where scammers introduce themselves as bank representatives, CID, police, or the Central Bank to “influence customers to initiate a transaction”, said Emirates NBD in an awareness message.
Banks are, therefore, urging customers to confirm caller IDs, to be wary of unsolicited and unwanted calls, and report them to authorities immediately. Mashreq Bank has gone further and said it has stopped sending OTPs to users’ emails from March 26, Tuesday.
It also asked its customers to keep their mobile numbers always updated with the bank to avoid any disruption in their transactions. “One Time Passwords (OTPs) for 3D Secure e-commerce transactions on Mashreq Credit and Debit Cards will be sent only to your registered mobile number via SMS and will not be sent on email,” said the bank.
According to the UAE Cybersecurity Council, the UAE repelled more than 50,000 cyberattacks daily last year. In the first three quarters of 2023, the country’s cyber authorities successfully prevented over 71 million attempted attacks in total.
How to Report Digital Crime
The “eCrimes platform” launched by the UAE’s Ministry of Interior (available on MoI UAE app on Google Play, App Store, and AppGallery), as well as on the web with the eCrime website of the Dubai Police, is a resource anyone can use to report suspected digital crimes.
The Abu Dhabi Police’s Aman service is also available to report suspected crimes, in addition to the “My Safe Society” app (available on App Store and Google Play) launched by the UAE’s federal Public prosecution. The public can also report cybercrimes to the nearest police station, or call 999 for help.