Tell A Friend

Types of Fraud

The following sections will assist you in understanding various current threats and help you to avoid becoming a victim of financial fraud.

 Phishing
Fraudulent emails are used by criminals to lure you to fake websites, which resemble original websites of financial institutions, and ask you to divulge personal information such as account number, credit card number, PIN number or Security Authentication Key.

The most common type of phishing e-mail purports to be a security message requesting you to validate your personal details or security questions. However, the details you confirm are then sent to the criminals. BBK would NEVER request such personal information from you in such an e-mail

How to protect yourself?

  • NEVER access BBK Internet Banking through a link in an e-mail.
  • To access BBK Internet Banking by accessing BBK's official website at www.bbkonline.com, and then follow the link to the Internet Banking Retail Login page. These sites are secure and you will see the padlock symbol displayed on the browser. See the figure below.
  • Be very suspicious of any e-mail or phone call received from a business or person that asks for your password, passport, and personal ID number, and account or credit/debit card information unless you have initiated the transaction. Similarly, be cautious of any communication that sends your personal information and asks you to update or confirm it.
  • Use a unique ePIN and change it regularly. NEVER disclose your ePIN to anyone – not even to BBK employees.
  • Monitor your transactions. Review your order confirmations, credit card and BBK statements as soon as you receive them to make sure you are being charged only for transactions that you have made. Immediately report any suspicions to BBK.
  • If you receive any such Phishing e-mail immediately contact BBK Call Center on +973 17207777 or send an email to [email protected]

 Pharming

Similar in nature to e-mail phishing, pharming seeks to obtain personal or private (usually financial related) information

through domain spoofing. Rather than being spammed with malicious and mischievous e-mail requests for you to visit spoof websites which appear legitimate, pharming 'poisons' a DNS server by infusing false information into the DNS server, resulting in a user's request being redirected elsewhere. Your browser however will show that you are at the correct website, which makes pharming a bit more serious and more difficult to detect. Phishing attempts to scam people one at a time with an e-mail while pharming allows the scammers to target large groups of people at one time through domain spoofing.


How to protect yourself?

  • If you are using Internet Explorer 7 and the address bar turns RED, do not continue, as this is an indication that you are connected to a fake web site.
  • You can also verify that you are connected to the right server by clicking on the gold padlock icon and then click on “View Certificates” to see you are connected to the right server.
  • If you suspect you’re a victim of Pharming, immediately report the incident to BBK Call Center at +973 17207777.

 Fraudulent Emails

With the evolution of e-mail, users have been targeted by global email scams that are intended to collect critical personal and financial information from unsuspecting victims. Illegitimate offers are e-mails that entice users to purchase popular goods or services at reduced prices (or before they're available to the general public), with no intent to deliver those purchases. Usually, these e-mails are designed primarily to obtain credit card or bank account information.
Other fraudulent emails are in the form of requests for help that usually offer a recipient large sum of money or attractive rewards in exchange for "short term" financial assistance. One common example is the “sender” who asks the recipient to supply a bank account number to "hold" large sums of money until the “sender” can retrieve it. In exchange, the recipient is promised a percentage of the deposit. The “sender” uses the bank account number for fraudulent activity, and the recipient never receives the promised funds.

How to protect yourself?

  • Be VERY SUSPICIOUS of any e-mail or phone call received from a business or person that asks for your password, passport number, and account or credit card information unless you have initiated the transaction.
  • ALWAYS be wary of unsolicited emails offering large sums of money.
  • Monitor your transactions. Review your order confirmations, Credit Card and Bank Statements as soon as you receive them to make sure you are being charged only for transactions that have taken place. Immediately report any suspicions to BBK. .

 Key Loggers and Trojans

Key loggers are software programs that capture a computer user's keystrokes. Such systems are used by hackers to obtain passwords or encryption keys and thus bypassing other security measures.
A Trojan is a program that appears legitimate, but performs some illicit activity when it is run. It may be used to locate password information or make the system more vulnerable to future entry or simply destroy programs or data on the hard disk. A Trojan is similar to a virus, except that it does not replicate itself. It stays in the computer doing its damage or allowing somebody from a remote site to take control of the computer. Trojans often sneak in attached to a free game or other utility.

How to protect yourself?

  •  Never use computers located in public places such as Internet cafes or airport lounges for online banking.
  • Install a Personal Firewall and anti-virus software with latest security patches and anti-virus signatures.
  • Always remember to update your antivirus signature.
  • Do not visit suspicious sites. If you suspect that a website is not what it purports to be, leave the site immediately. Do not follow any of the instructions it presents.
  • Monitor your transactions. Review your order confirmations, Credit Card and Bank Statements as soon as you receive them to make sure you are being charged only for transactions that have taken place. Immediately report any irregularities to your bank.

 ATM Type Fraud

ATMs have simplified personal cash management and allow withdrawal of cash outside of banking hours. However the frequency of ATM frauds has also increased.

Different types of fraud:

  • Card Skimming: Criminals install devices on ATMs to obtain/skim the card account details and record the PIN number entered by a customer. This information is then used to make unlawful cash withdrawals with counterfeit cards.
  • Shoulder surfing:  Criminals pretend to help unsuspecting customers at the ATM, but in reality are memorizing the PIN number.
  • ‘Operational Cash’ Departments:  In tourist destinations where there are few banks and ATMs criminals approach tourists and offer their services in directing them to local merchants who will utilize their point of sale device to issue cash (‘operational cash’ departments). The merchant then skims the card account details and uses a fake PIN entry device to obtain the cardholders PIN. This information is then used to make unlawful cash withdrawals with counterfeit cards.

How to protect yourself?

  • Be especially cautious when strangers offer to help you at an ATM, or if you notice any suspicious activity at or around the ATM area.
  • Use ATM locations that you are familiar with so any changes will be more apparent; for example, a false attachment on the front of the machine. 
  • Ensure that other individuals at the ATM queue keep an acceptable distance from you. Be on the look-out for individuals who might be watching you enter your PIN. 
  • Stand close to the ATM and shield the keypad with your hand when keying in your PIN. 
  • If you feel the ATM is not working normally, press the Cancel key and withdraw your card and then proceed to another ATM, reporting the matter to the bank. 
  • Keep your printed transaction record so that you can compare your ATM receipts to your monthly statement.
  • If your card gets jammed, retained, or lost, or if you are interfered with at an ATM, report this immediately to the bank.
  • Do not be in a hurry during the transaction and carefully secure your card and cash in your wallet, handbag or pocket before leaving the ATM.
  • Memorize your PIN (if you must write it down, do so in a disguised manner and never carry it with your card).
  • NEVER disclose your PIN to anyone, whether to a family member, bank staff or police. 
  • Use unique PIN numbers and never use numbers like your date of birth, or the last four digits of your phone number. Change your PIN periodically, and if you think it may have been compromised, change it immediately.
  • Only use approved ATMs or banks to make cash withdrawal transactions.
  • If you suspect or identify any of the above please contact us at our Contact Center at +973 17207777.

Smshing

SMiShing is a security attack in which the user is tricked into downloading a Trojan horse, virus or other malware onto his cellular phone or other mobile device. SMiShing is short for "SMS phishing."

How to protect yourself?

  • Do not open SMS messages from unknown sender.
  • Do not respond to SMS messages requesting sensitive information such as Passwords, PIN numbers etc. BBK will NEVER request such sensitive information.

Identity Theft

Identity theft happens when a criminal obtains your personal information to steal money from your accounts, open new credit cards, apply for loans, rent apartments and commit other crimes — all using your identity. These acts can damage your credit, leave you with unwanted bills and cause you countless hours and frustration to clear your good name.

How to protect yourself

  • If you're a victim of identity theft or account fraud, you should contact us at our Call Center number +973 17207777.


 

Follow us

TwitterFacebookYoutubeLinkedInInstagramGoogle+FoursquareRSS
Terms and Conditions  |  Codes of Best Practice  |   Social Media Terms of Use  |  Privacy & Security  |  Complaints and Feedback  | Sitemap
© 2014 BBK  |  All Rights Reserved  |  Licensed by the Central Bank of Bahrain as a conventional retail bank