anb has always placed information safety and security as its utmost priority by adapting the best effective state-of-the-art international information security practices and controls. We also monitor the Internet for illegal or unauthorized use of the Bank’s name and trademark. The process includes detecting incidents of fraudulent web sites that look similar to anb’s, as such sites can threaten the privacy and security of our customers.
It is very important that we share with you the most common information security growing threats to exert the proper attention to protect your information and your banking transactions from these threats, some of which are:
Phishing A criminal activity using attempts to fraudulently acquire sensitive information, such as usernames, passwords, account and credit card details, by masquerading as a trustworthy friend or company entity such as a bank in an electronic communication or fake site. Phishing is typically carried out using email or an instant message, and often directs users to give details at a fake website, although phone contact has been used as well. This is an attack against the identity of a person like you, our customer. Oftentimes referred to as ‘identity theft’, the attacker wants to get hold of your personal information, using various techniques e.g. fake web sites, fake e-mails etc. What can you do to help us prevent Phishers from taking advantage of you?
Watch out for Phishing email scams. Ensure that you are connecting to correct URL for arab national bank i.e. www.anb.com.sa
Avoid using “public” computers or network connections, especially when reviewing your financial information, In case you do use a “public” computer or network, when you finish delete personal files, cookies and the Internet cache after use.
Protect your laptop and other portable electronic devices from being stolen; enable hard disk encryption and require a password for access.
Never give out personal or financial information to anyone in response to a request to update, validate or confirm your account information, unless you have initiated the contact and you know whom you are dealing with.
Do not click on the link in chatting rooms or messages or call a phone number provided in suspicious emails even to update your information.
Do not reply to emails that look suspicious or are asking for personal information such as your social security number, account number or password.
Please note that Arab National Bank will never send you an email asking you to respond with your personal information.
If you have recently responded to an unsolicited email in which you provided any personal information regarding your Arab National Bank account and you now suspect it may not have been Arab National Bank, contact us immediately so that we may take steps to protect your account.
Customer should report any security incident to Arab National Bank by email at email@example.com or by calling 800 124 4040. This will enable the bank can take appropriate actions to protect you.
Social Engineering The act of obtaining or attempting to obtain otherwise secured information by ‘conning’ an individual into revealing the secure information. Social engineering is successful because its victims innately want to trust other people and are naturally helpful. The victims of social engineering are tricked into releasing information that they do not realize will be used to attack a computer network. For example, an employee in an enterprise may be tricked into revealing his User ID and Password to someone who is pretending to be someone from IT support team. The social engineer can use that information in conjunction with other information that has been gathered to get closer to finding a way into the enterprise’s network. Phishing is a type of security attack that relies on social engineering in that it lures the victim into revealing information based on the human tendency to believe in the security of a brand name because they associate the brand name with trustworthiness.
Virus and Spyware This is the most common threat facing us today. Virus, spy ware, Trojans and worms can do various degrees of damage depending on their type as well as extract sensitive information, such as usernames and passwords for unlawful use. Customer should have up-to-date Antivirus and Anti spyware software installed and enabled on their PC all the time.
Identity Theft Identity theft is a crime in which someone wrongfully obtains access to your personal information and uses it in a way that involves fraud or deception, usually for economic gain. Unfortunately, most identify theft victims don’t realize they’ve been targeted until the damage has been done; resulting in unknown charges or withdrawals to bank accounts, or calls from collection agencies among other consequences. Identity theft is the deliberate assumption of another person's identity, usually to gain access to their finances or frame them for a crime.
Preventing Password Guessing Keep your password confidential and change it frequently. We would advise you, for your own security, not to use common information such as your birthday, telephone number or a recognizable part of your name as your password
Customer Role (things you should do) Customers also have a role to play to ensure their on-line security. anb recommends that you adhere to the following security guidelines:
Keep your Operating System updated with the latest security updates and patches.
Enable your Antivirus and Anti Spy software and ensure it is configured to update automatically all the time.
Use properly configured Firewall software.
Review your Internet security settings in the browser
Do not disclose your personal information and PIN to anyone including us.
Keep your PIN/TPIN secret. Remember it should never be shared with anyone, even with ANB staff.
When conducting online transactions through anb Net, make sure to type www.anb.com.sa and not go through any link received via email or internet websites
When accessing anb Net, do not use a public network/computer. There are a number of risks involved when using shared computers, public computers and wireless networks at places like libraries, internet cafes, airports, and coffee shops. The network maybe poorly secured and easily exploitable by hackers and thieves – one of whom may be sitting right next to you, looking over your shoulder, and stealing your information. A hacker may even be the one running the free wireless signal you’ve logged upon, grabbing all of your information as fast as you can send it. The use of shared and public computers and wireless hotspots is not recommended if you are working with sensitive information of any kind. Some of the more common risks associated with using shared & public computers and internet cafés are:
Web browsers and internet service providers often record (or cache) your browsing history in cookies, enabling companies and individuals to track your surfing habits and possibly access your online accounts you’ve logged into.
A key logger may be installed on that computer you are using, tracking your keystrokes in order to collect your passwords and user IDs for later use.
Spy ware can track your browsing habits, recording your passwords and login information.
That free wireless network you’re connected to may be run by a hacker.
Often thieves literally look over your shoulder to steal personal and sensitive information as you enter it in.
How to identify that the caller is a bank official? If you receive a call from “somebody” claiming to be a bank official and you are asked personal banking information by them:
Do not disclose any of your information to him/her.
Tell them that you will call them back on the bank’s extension and ask for the extension.
Call the bank’s official phone number and ask for extension you had been given
You can visit a bank branch to solve the matter if information is needed from your, please do not to disclose any of your sensitive banking information even to the branch employees or manager.
Personal banking information you should not disclose to anyone even bank staff:
ATM card number.
ATM PIN number.
Internet banking username and/or password.
Your identification number.
Bank account number or any of your sub-accounts.
Phone banking password.
Any password or username you use to access any electronic channel like internet, phone banking, ATM, etc.
The Bank will never ask for sensitive account information via emails or telephone calls.
Do not trust any web site simply because it holds the anb logo, always make sure that you access anb web site at this address: www.anb.com.sa. Also make sure that URL on your browser is secured https://www.anb.com.sa when logging to internet banking, if not, never access this site
How to report suspected security incidents? If you suspect that there has been an un-authorized breach of your account(s), or that an online transaction has taken place that you did not initiate, you should notify arab national bank immediately by emailing the details to firstname.lastname@example.org, or by calling 800 124 4040.