Privacy & Security

Learn to spot fake emails and fake websites

They set them up to con people into giving away passwords and bank details. The technical word for this is 'phishing'.

For example, they might send you an email that looks like it comes from us and it might contain a link to a website that looks like this one. When you try to log on, they can steal your password. They could also ask you to make a phone call or reply by email.

They are good at making their emails and websites look realistic. But you can often spot the fake ones:

• Dodgy looking email or web addresses
• Poor design, typos or bad spelling
• They ask you to do something unusual
• A site doesn't display the padlock symbol in the address bar when you log in

If in doubt, check with us first. Avoid clicking on links in emails. A starting point on protecting yourself online is to use the software we refer to from this site. Rapport software and up-to-date web browsers block fake websites.

Minimise the use of attachments

Copy and paste text as often as possible.

Question unsolicited documents

Unsolicited bulk mail and commercial email can put you and your organisation at risk. Questioning it means not opening it, not passing it on, and notifying your system administrator immediately.

Never respond to spam email

For a spammer, one "hit" among thousands of mailings is enough to justify the practice. Instead, if you want a product that is advertised in a spam email, go to a Web site that also carries the product, inquire there, and tell them you do not approve of spam methods and will not patronize a company that uses spammers.

Never respond to the spam email's instructions to reply with the word "remove"

This is just a trick to get you to react to the email -- it alerts the sender that a human is at your address, which greatly increases its value. If you reply, your address is placed on more lists and you receive more spam.

Never sign up with sites that promise to remove your name from spam lists

These sites are of two kinds: genuine AND spam address collectors. The first kind is ignored (or exploited) by spammers, and the second is owned by them. In both cases your address is recorded and valued more highly because you have just identified it as read by a human.

Question executable programs received via email

This is a common means for passing on viruses. Do not open them, do not pass them on, and notify your system administrator if you receive them.

Disable macros on your machine

To do this, you will need to open the application. On Word 2000, select Tools, then select Macros, then select Security, and then checked High: Only signed macros from trusted sources will be allowed to run. Unsigned macros are automatically disabled

Make sure that file extensions are viewable

This will alert you to files of the following types: .exe, .vbs, and .shs. To view file extensions in Windows select the Start menu, then select Settings, then select Control Panel, then select Folder Options, then select View, then UNCHECK the command that reads Hide File Extensions for Known file Types.

Notify the person you received an infected file from

This helps them correct the problem within their system before passing the virus on to other users.

Monitor your transactions.

Review your order confirmations, credit card, and bank statements as soon as you receive them to make sure that you are being charged only for transactions you made. Immediately report any irregularities.

Don't reply to any e-mail that requests your personal information.

Be very suspicious of any business or person who asks for your password, PIN (Personal Identification Number), or other highly sensitive information.

Keep your virus protection up-to-date

You should always be aware of the security when using an ATM and should always follow these general tips to ensure your personal information is kept safe:

• Never disclose your Personal Identification Number (PIN) to anyone.
• Never write your PIN or Password on your ATM card or Credit card. Memorise your PIN or Password.
• Never use an ATM with a blank screen.
• Do not force your card into the card slot.
• Stand close to the ATM and use your body and hand as a shield to make sure nobody sees you keying in your PIN.
• Keep your hand over the card slot to make sure nobody can swap or take your card.
• Follow the instructions on the ATM screen carefully.
• Do not insert your card until asked to do so by the display screen.
• Only put in your PIN when the ATM tells you to do so.
• Avoid drawing cash late at night or when you are alone.
• Leave the ATM immediately if you don't feel safe or you are suspicious of individuals loitering around. Come back later or use another ATM.
• Never hurry when using an ATM. Make sure you are not distracted, intimidated or rushed into your transaction.
• Never accept help from strangers when using an ATM. Always be wary of strangers asking for help. While one distracts you the other steals your card and money.
• Do not count your cash in front of the ATM.
• Avoid using ATMs in secluded areas after dark.
• If the ATM retains your card, cancel it immediately.
• Never allow a bystander to call the toll-free number on your behalf - they could be tricking you into thinking your card has been stopped.
• Always check that it is your card you get back from the ATM.
• Be aware of the daily withdrawal limits on each of your cards and decrease them if necessary.
• When using your cards at ATM's be alert that there are no additional devices affixed on the card reader slot or keypad, and also ensure that no one can see you punch the PIN number on the ATM keypad.
• Report lost or stolen cheques, ATM cards, or Credit Cards as soon as you discover they are missing.

You have to protect your information at all times be it over the internet or during your normal banking activities by simply following these tips:

Protect your Password and Personal Information:

• Do not use passwords that are easy to guess, e.g. your name, your date of birth, your telephone number(s), etc.
• Use a combination of upper and lower case letters as well as numbers.
• Do not use share your password with anyone and do not use the same password for other websites.
• Change your password frequently and never write it down.
• Always log into Internet Banking via our sites at the following addresses: www.emiratesnbd.sg and not through other links.
• Avoid logging into Internet Banking from Internet Cafes, Libraries or public sites.
• Always close the window once you have logged out of your Internet Banking session.
• Important: No one at Emirates NBD will ever ask you for your internet banking password. If someone does ask you for it, they do not represent the Bank and you should not under any circumstance provide this information.

Protect your Computer and Internet session:

• Never share your computer.
• Use a password on your PC to prevent unauthorised access to your information.
• Be wary of opening email messages from untrustworthy sources, especially if they contain attachments.
• Do not reply to emails that request your personal information. They may appear to come from a trusted friend or business, but they are designed to trick you in disclosing sensitive personal information.
• Use personal firewalls and anti-virus software.
• Avoid downloading software such as screen savers, desktop themes, games, and other executable type programs from websites that are obscure or unidentifiable. These programs may contain Trojan viruses that would enable hackers to monitor or take over your PC.
• Disable all unnecessary services running on your computer.
• Always verify that the site is the genuine Emirates NBD site.
• Do not leave your internet banking session unattended at any time.
• Before you start your internet banking session, ensure that all other internet sessions are closed. If your internet banking session is open we recommend that you do not open other internet browsers at the same time.

Contact your bank(s) and credit card issuers immediately to ensure the following are done:

• Access to your accounts can be protected
• Stop payments placed on missing cheques
• Personal Identification Numbers (PINs) and Online Banking Passwords changed
• Be sure to indicate to the bank or issuer all the cards and/or accounts potentially impacted, including your ATM cards and credit cards.
• Review all recent transactions on your accounts linked to those cards. Additionally, ensure that no one has requested an address change, title change, PIN change, or ordered new cards or checks to be sent to another address when appropriate.

Maintain a written chronology of what happened, what was lost, and the steps you took to report the incident to the various sources. Be sure to record the date, time, contact telephone number, person you talked to, and any relevant report or reference number and instructions.

Emirates NBD Digital Banking Services use the latest technology standards to protect your credentials from ever-evolving digital threats. However, as customers it is equally important for you to be aware of the potential threats and take necessary actions to protect yourself.

SIM SWAP is one such threat that you need to be aware of and be careful about while using digital banking. Fraudsters try to get control of mobile numbers to obtain authorization codes sent by banks to access digital channels and authorize financial transactions. Find out what SIM SWAP is and how you can protect yourself from fraudsters.

What is SIM SWAP? How does 'SIM Swap' fraud happen?

• SIM SWAP is where a fraudster compromises telecom operator processes and gets the SIM Card of your registered mobile number without your knowledge and authorization. In these cases, fraudsters use fake documents to get the SIM CARD and use it in their mobile handsets. This enables them to access SMS Authorization codes sent by banks for financial transactions.
• There are many ways that fraudsters use to get your personal information. They may use phishing emailing or SMS techniques to get your Emirates ID/Visa or Passport number, legal name, date of birth, address and registered mobile numbers at the bank. Alternatively, they might collect your data from public websites or your social media accounts. They will then contact your service provider on your behalf to reactivate a new SIM card claiming your SIM card is lost or damaged.
• As a result, all calls and text messages will be directed to the fraudster’s phone, including one-time passwords for banking transactions. After receiving a one-time password SMS, the fraudster tries to access your digital banking credentials and conduct financial transactions.

How to detect a potential threat and protect yourself?

You can protect yourself by following the below steps:

• To avoid any SIM Swap fraud activity, we highly encourage you to use Smart Pass feature available through our online and mobile banking platforms. By using Smart Pass you can authorize your online/mobile banking transactions independently from your local or international telecom operator. Click here to know more about Smart Pass.
• If you stop receiving calls or texts and you don't know why, check with your mobile operator immediately.
• Don’t share your online/ mobile banking passwords or any other personal credentials with anyone. Remember, Emirates NBD never asks for your credentials and personal information through SMS or e-mail and never reply to e-mails or SMS that asks you to do so.
• Do not install applications from unknown sources to your mobile devices or your computer. Please make sure that you are using a trusted anti-virus software to protect your devices from potential viruses and malwares.
• We send all transaction details to you through SMS or email. Please keep a close eye on your financial transactions.
• In case you suspect fraud or notice any suspicious transaction, and as a precautionary measure, change your online/ mobile banking password, registered e-mail & mobile phone number with the bank immediately.
• Refrain from publishing your personal details such as your phone number, date of birth or details that you have provided to financial institutions for verification purpose on any of the social media platforms.
• Try to use a different e-mail address for your financial transactions and your social media accounts.

The program you use to look at websites is called a web browser. Modern browsers warn you if you visit fake websites and it is harder for viruses to infect them.

If you have updated your computer regularly, it is likely that you are already running either the latest version of Microsoft Internet Explorer / Google Chrome / Mozilla Firefox (on Windows PCs) or Safari (on Macs). It is a good idea that you install an up-to-date web browser. There are several to choose from and they are all free.

You can check if your Windows computer is up to date in the Action Center in Windows 7. For Windows 10, the Update & Security link is located in the Windows Settings menu.

• The criminals who create viruses take advantage of software bugs to infect computers.
• Software companies fix bugs with free downloadable updates.
• It is a good idea that you install updates for your software as soon as they become available.
• Be wary of fake emails about bogus updates. Use the update software that comes with your computer - don't click on links in emails. As well as your computer software, other programs need updating. This includes your web browser and the applications you use. Most modern software will check for updates automatically. You may want to install them as they become available.

What's your mother's maiden name? What's the name of the first school you went to? What was your favourite subject at school? What's your address? Birthday? Phone number?

All this information is useful to people who want to steal your identity or break into your online banking. You wouldn't give this information away to a stranger on the street but if you use social networking sites, such as Facebook, Twitter or MySpace, you could be over-sharing personal data.

You may want to think carefully about the information you put into your profiles on sites like these. It is also a good idea that you check the privacy settings on each site that you use to make sure you only share personal information with people you trust.

Please also remember that you must take all reasonable precautions to keep your details safe and prevent any unauthorised use of any cards and security details. If any information forms part of your security details, you should make sure that you do not disclose it to anyone else - see terms and conditions that apply to your account(s) for more detail.

Viruses are one way to do it. But they also use paper documents of your accounts containing personal details, such as receipts and bank statements.

Fraudsters use many methods such as searching in dustbins to obtain these documents. You should take simple precautions to keep your details safe and to dispose of these documents safely, such as shredding them before you bin them.

There are many ways for them to make money online:

• Steal your passwords and bank details with viruses, fake emails and fake websites
• Ask you to provide security details
• Send spam with bogus offers and products
• Take over your computer and use it to attack other people's computers
• Use viruses to display unwanted adverts on your PC

We take your online banking security and privacy very seriously. Protecting yourself and your money takes a bit of know-how and the right software.

When it comes to protecting yourself and your money on the internet be wary of ridiculous deals.

Criminals may contact you by email, through websites you use, via SMS or even by phone. It pays to be on your guard as they can be quite convincing.

Here are some warning signs:

• Big promises: 'You have won the lottery'
• Big threats: 'Your account has been hacked'
• A false sense of urgency: 'Act now or it'll be too late'
• Unnecessary secrecy: 'Don't tell anyone'
• There is no reason for them to contact you. Did you even buy a lottery ticket?
• 'Business opportunities' that involve holding or receiving money for strangers

If an attachment looks suspicious, don't open it. Don't install software unless it comes from a website you trust. If it doesn't feel right, take your time.

If you suspect that there is a problem with your online banking, you can always talk to us first.

You may even use it for internet banking and online shopping.

For example, they might send you an email that looks like it comes from us and it might contain a link to a website that looks like this one. When you try to log on, they can steal your password. They could also ask you to make a phone call or reply by email.

You may want to think about:

• Setting and using a security PIN code
• Adjusting the phone settings so that it locks automatically if you don't use it for five or ten minutes
• Not storing passwords or other sensitive information on your phone in a way that can be understood by someone else
• Not storing your home phone number and address under ‘home’ in the contact list (you wouldn't want a thief to be able to know your address and be able to check if you're home)
• Be wary of voicemail and text message scams
• Clicking on links in text messages can be risky - be careful

If you lose your phone report it to your mobile phone provider immediately. Make a note of your phone's IMEI number (dial *#06# to get it). This will make it easier for your phone company to disable a stolen phone.