Noor Bank is committed to taking all precautions required to protect its customers from fraud related to the usage of electronic channels to avail of the bank’s services and products.
It is also important that the customer be aware of security threats, precautions to be taken and safe practices to help the bank in fighting against such frauds.
Internet Banking Safe Practices
Internet Banking is a facility provided to customers and serves as a quick and secure way to access the Bank’s services and products.
Phishing is a fraudulent attempt to obtain the customer information, including the credentials of online banking channels.
Fraudsters imitate a ‘trustworthy entity’ via e-mail and ask for sensitive information such as credit card numbers, login IDs or passwords.
Usually, common phishing emails have the following pattern:
- Transmission Confirmation
- Mandatory Net Banking Security Update
- Confirm your online account details
- Noor Bank Technical Verification
- Alerts - Upgrade And Secure Your Online Account Immediately
- Urgent Security Warning
- Online Banking Account Security Upgrade
Keep your online information safe by using the following guidelines
- Create a strong password
- Never use common passwords for banking sites and social media sites.
- Never share your financial information on social networking or blogging sites
Never share the account access information
- Be alert and be vigilant about phishing and spam mails
- Beware of fraudulent websites
Transact online cautiously
- Browse using the complete URL(Uniform Resource Locator), e.g. www.noorbank.com or https://www.noorinternetbanking.com
- Based on the browsers used, look out for the pad lock symbol or the Green Bar
Forward the original e-mail to us at email@example.com
Other Safe Banking Practices
Skimming is stealing of information from the magnetic strip on the credit or debit cards that are used at ATMs and Point Of Sales (POS).
Fraudsters collect information from a Credit/Debit/ATM card by reading the magnetic strip on the reverse side of the card. This is done by concealing a small device a ‘skimmer’ in the card slot of ATMs or merchant payment terminals.
This 'skimmer' scans the card for details and stores its information. A tiny strategically positioned camera may also be used to capture the PIN. Skimming can occur at ATMs, restaurants, shops or other locations.
Protecting yourself from Skimming:
- Protect your PIN by standing close to the ATM and shielding or covering the key pad with your other hand when entering your PIN.
- If you see anything unusual, strange, suspicious, something that does not look right at the ATM or if the keypad does not feel securely attached, stop your transaction and inform the bank.
- If it appears to have anything stuck onto the card slot or key pad, do not use it. Cancel the transaction and walk away. Never try to remove suspicious devices.
- Be cautious of strangers offering to help you at an ATM, even if your card is stuck or you are having difficulties. Do not allow anyone to distract you.
- Keep your PIN a secret. Never reveal it to anyone, even to someone who claims to be calling from your bank or a police office.
- Change your PIN at regular intervals.
- Check that other people in the queue are at reasonable distance away from you.
- Regularly check your account balance and bank statements, and report any discrepancies to your bank immediately.
Vishing is an attempt made by a fraudster to obtain confidential information from you over a phone call. Details like User ID, Login and Transaction password, OTP (One Time Password), URN (Unique Registration Number), Card PIN, Grid Card Values, CVV or any personal parameters such as date of birth, mother's maiden name and P. O. Box may be requested.
Protection from Vishing:
Fraudsters sometimes use automated voice responses and attempt to obtain information from victims. Do not enter provide or enter any sensitive information, unless you have initiated the call with Noor Bank on 800 6667.
- Do not discuss your personal or banking information on any suspicious call received.
- Noor Bank does not request information like Debit Card number, Credit Card number, ATM PIN or any other sensitive information over the phone or in an e-mail.
- In case you are asked to call a number to discuss any further information, immediately call the bank on 800 6667 and inform us of such activity.
Smishing (SMS Phishing)
You receive a text message or an automated phone call on your cell phone stating there is a problem with your bank account. You are given a phone number to call or a website to log into and asked to provide personal identifiable information—like a bank account number, PIN, or credit card number—to fix the problem
Protecting yourself from Smishing
- Smartphones can be infected with viruses, so never click on links from any unknown sources.
- Never share financial or personal information through text messages.
- Immediately inform Noor Bank of any suspicious text messages.
- Check your account activity / statements regularly to spot fraudulent or unauthorized account transactions.
SIM Cloning Attack
SIM cloning is the process in which a legitimate SIM card is duplicated and the cloned SIM card's identifying information is transferred onto a separate secondary SIM card. A SIM cloning or SIM swap attack could lead fraudsters to receive calls, confidential SMS, notifications, activation codes or one time passwords that are sent to customers mobile phone in an attempt to perform a financial fraud.
Protecting yourself from SIM Cloning attack
- Ensure proper disposal of your SIM card when transitioning to new one
- Keep your SIM card with you while giving the phone for repair
- If you stop receiving calls or texts, and you don't know why, check with your mobile phone service provider immediately
- Do not switch off your mobile phone in the event you are receiving numerous annoying calls. This could be an attempt to get your phone switched off to prevent you from noticing that your connectivity has been tampered with
- If you lose your mobile phone or your phone displays ‘SIM not registered’ or a similar message contact your mobile phone service provider immediately
Magic Pens have erasable ink, which can be used by fraudsters to alter the cheque details such as beneficiary or the amount.
Beware of fraudsters armed with Magic Pens posing as bank representatives to complete finance or credit card applications. They fill in your details in front of you and ask you to sign the cheque using their Magic Pen and later alter the details of the cheque.
To make sure you do not fall victim to this scam, take a few simple precautions:
- Never issue a blank cheque. Always mention name of the beneficiary and amount
- Fill in all the details with your own pen
- Always ask the representatives for the photo identification issued by the bank
- When in doubt, contact the beneficiary on their land line to confirm that the representative is a part of the institution
Secure your card
Your card is cash and needs to be protected, all you need is to take few measures.
- Do not write your PIN on your card, keep it in your wallet or share it with anyone
- Be present whenever your card is swiped
- Ensure nobody is looking at the ATM / POS terminal while you enter your PIN
- Remember to collect your card after any transaction at ATMs or merchants
- Ensure SMS alerts are enabled for card transactions
- Ensure that your mobile number is current and updated with the bank
- Review your account statements regularly
- Never respond to emails or phone calls asking for sensitive information such as your PINs or card details
- Notify the bank immediately by calling the contact center if your card is lost, stolen, suspected of breach or misuse. Refer http://www.noorbank.com/english/info/contact-us for phone number
- Keep records of your card number, card expiry dates and bank contact center numbers in a safe place that is different from where you keep your cards. You may need to use this information if you ever have to report your card as lost or stolen.
Secure your mobile device for a secure banking experience:
- Do not connect to public Wi-Fi hotspots for performing banking transactions.
- Use pattern locks or PINs and enable the remote wipe feature to protect your mobile device.
- Install apps only from the official app store.
- Do not make unauthorised modifications to your mobile operating system and always keep it updated.
Beware of fake phone calls
- Don’t respond to unsolicited phone calls or text messages asking for sensitive information such as bank account number, username, password etc.
- Never disclose sensitive information over the phone to any untrusted person or respond to phone calls received from unknown numbers
- When you identify a fake phone call, track the caller and block their number
- Always stay alert and keep yourself informed about the latest scams
- If you feel the call is fake or trying to represent the bank, hang up and report it immediately to the customer contact centre