Fraud Protection

General Directives

1.Confidentiality must be observed with regards to the username and the password with respect to not disclosing them to any person, including the staff of the Bank or its agents. It should also be observed not to select passwords that could be easily identified such as the date of birth, the phone no. or part of the name of the customer. The customer must also observe, upon using the Internet in general, not to disclose any personal data or information (such as the National ID card/the passport/addresses/bank account numbers) to any person whose identity was not confirmed or to any suspicious websites.

2.Observing not to access the Internet Banking Service via public or shared computers (such as Internet cafes or public libraries). It should also be ascertained that the customer’s devices were safely prepared and are equipped with firewall and anti-virus & anti-malware software; together with updating them periodically. In case of violating any of such procedures, the bank shall not be responsible if the device of the customer was hacked.

3.The customer hereby declares that the User ID, the entry registration password, and the account number are all considered means of identifying me, and that any transactions implemented using such means shall be considered to have been issued by the customer considering them e-Signature. The bank shall consider any person who uses such means to be the customer. The customer shall also be responsible for all transactions implemented using his means of identification and also responsible for any change, loss or transfer of any of such means to third party until the time in which the Bank could suspend the service pursuant to a written notice that it receives from the customer after signing it and/or pursuant to a phone call from the customer to the Call Center of the Bank at 19373 24/7. In light of the fact that such services are provided via using the Internet and/or the phone, the Bank shall not be responsible for the disclosure of the confidentiality of the accounts that may occur as a result of the misuse of the customer or that are carried out via hacking.

4.The authenticity of the official website of the service could be ascertained via clicking the lock icon or the key icon at the bottom of the browser’s screen to ensure the website’s authenticity certificate. In addition, accessing the website via hyperlinks received via the email must be avoided.

5.If the customer desires to amend his mobile phone no. previously recorded on the Bank’s customer database, it shall be imperative upon him to proceed to the nearest branch of the Bank to fill in the data amendment application.

6.If there is any complaint with regards to the service, the Call Center of the Bank at 19373 could be contacted 24/7.

Preventive Arrangements to Maintain the Security, Safety and Confidentiality of Information Under the Services Provided Online

Dear customers, in the aspiration of Al Baraka Bank to protect the security, safety and confidentiality of its customers’ information, the Bank takes all effective security precautions and arrangements and applies the most optimum global information security standards. It also monitors the websites on the Internet to designate any illegitimate use to the name of the Bank and its trademark; including the detection of any fake websites online that are similar in form to the official website of the Bank in view of their gravity on the information security of customers and their privacy.

Due to its significance, there are several growing threats to the information security of which we must remind you so that they could attain the biggest amount of your attention to protect your data and banking transactions from the means of hacking which includes the following:

Phishing:

It is the attempt to obtain sensitive information such as the identity of the customer, the password and the accounts and credit cards data via impersonating the identity of a trusted friend or a reputable company such as a bank or impersonating one of its staff members via an email message, fictitious website, or personal communication. Banks that provide online banking services are targets to phishing. The most widespread phishing means are emails, text messages or phone calls that require the disclosure of personal data.

Be alert for phishing attempts via any means and always ensure accessing the Bank’s website via the right address of Al Baraka Bank.
Avoid using the computer or network’s public connections, especially upon reviewing financial data. If there is need to use them, be sure of deleting personal files, the cookies and the Internet memory after finishing.
Observe not to disclose personal data to third party, as for example replying to a request for updating, inspecting or confirming the account’s data, unless it is you who initiated the communication; together with knowing the other party with whom you are dealing; taking into account that banks do not update information except via their branches and in the attendance of the customer in person.
Do not click the linking connections in chat rooms of the social media or messages, and do not call a phone number that was mentioned in an email message even if the purpose was updating your data.
Do not reply to suspicious email messages or messages that ask you to disclose personal information such as the ID card no., the account no. or the password.
Remember that the bank will never send an email message requesting the disclosure of any personal information.
If personal data were disclosed by mistake pertaining to your account with Al Baraka Bank and you were doubtful that the sending entity was not Al Baraka Bank, promptly contact us at once so that we could take the required procedures to protect your account.
Always aspire to respond to the security awareness carried out by the staff member of the Bank as guarantee the verification of your identity.
Always aspire to update your personal data (means of communication, mail addresses, e-mails ...) by visiting the Bank’s branches.

Social Engineering:

It is the attempt to obtain personal data via convincing the victim taking advantage of the human inclination to trust a reputable trademark and the correlation of this mark to worthiness and credibility.

In addition, some of the phishing means are carried out using the account of the customer himself to allow the passage of suspicious transactions or those resulting from financial fraud and swindling via asking the customer for his account no. to deposit such amounts then withdrawing them from his account and delivering them to the crook. An example for the foregoing is tricking a company’s employee to disclose a username with the password, where he impersonates the technical support employee by coupling it with information that he has collected to find a way for hacking the computer network of the company.

Viruses & Spyware:

These are the most widespread kinds of risks, where the viruses, the spyware and others could obtain sensitive information such as the identity of the user and the password and use them in illegal matters. It shall be imperative upon customers to ensure installing and operating antivirus software and ensure their continued updating on their computers.

Identity Theft:

This is the deliberate impersonation of another person to reach the financial data of this person or entangle him in a crime. Most victims of impersonations are not aware of the fact that they are a targeted prey except after the occurrence of the damage that may involve bearing anonymous expenses on the account or withdrawals from the bank accounts.

Password (Avoid Simplicity in Knowing it):

Maintain the confidentiality of the password and avoid using common, known and predictable passwords, and change them periodically. Al Baraka Bank advises its customers for their safety and security when creating a new password to refrain from using known information such as the date of birth, the phone no. or any part of the customer’s name that could be easily known.

Role of Customer (issues that you must carry out) :

The customer has a vital role to guarantee the security of information, where Al Baraka Bank recommends its customers to comply with the following directives:

Aspire to fit the operating system with the latest releases and follow up the security updates continuously.
Operate the antivirus software and aspire to install it in a manner that guarantees its continued automatic update.
Operate the anti-spyware software and aspire to install it in a manner that guarantees its continued automatic update.
Use firewall software.
Review the security guidelines for the browser software.
Avoid disclosing the password and personal data and maintain the confidentiality of the ATM card no. and the bank account, and not to disclose them even to the staff members of Al Baraka Bank.
Update the customer’s information and data whenever they undergo any change via the branches of the bank.

Risks Involved in Using Public Devices:

There are a lot of risks involved in using public devices or the wireless Internet network (Wi-Fi), such as networks available in libraries, Internet cafés or airports, where the security arrangements for such networks could be prepared in an unsafe method enabling their easy hacking by one of the hackers. Some general risks that occur upon using public or shares computers are as follows:

Upon browsing the Internet, the browser software records all websites that you have visited and their addresses; accordingly, others could refer to all pages and websites that you have visited very easily and access your accounts via the Internet.
There are also programs called Keys Portfolio, where this program keeps all keys that you have used on the keyboard and consequently could refer to the websites that you have visited very easily to learn of your username and the password from such program. It is possible that this program would have an activator on the public computer that you use.
There are also many hackers’ programs that record and keep your confidential data and information and send them to the person that will use them to log into your personal accounts to steal from them.
Public and anonymous wireless networks that you use could be managed by hackers.
The best method to gain knowledge of your personal and confidential information for hackers to abuse in public venues is to look at the screen on which you are working from your back while not knowing; accordingly, avoid this method.

How Could You Ensure That Your Caller is One of the Bank’s Staff Members or Not?!!

If you receive a call from a person that alleges to be a representative of the bank and it is revealed to you that he asks a lot of banking questions:

Do not disclose any information to this caller.
Ask the caller for his hotline and tell him that you will call him back at this number.
Call the bank via its official number and enter the hotline that was given to you by the bank’s alleged representative.
Visit the nearest branch to resolve the issue if what was requested was some of information related to you.
Do not disclose any confidential banking information pertaining to you to any of the employees of the bank, even if it was the branch manager.

Your Banking Information That You Must Not Disclose to Third Party:

Your ATM PIN.
The username and the password of the Internet Banking Service.

Be knowledgeable that neither the bank nor its representatives will ask for your personal information via sending an email message or via a phone call.

Safeguard Your Mobile Phone:

Your mobile phone could contain a lot of personal information. You could also use it to obtain banking services and browse through the Internet; safeguard it and put the following into you consideration:

Form and use a password for your mobile phone and adjust the phone settings to automatically switch off if it was not used for a period of one or two minutes.
Not to keep passwords or sensitive information on the mobile phone that could be comprehended by third party.