Cyber Security Awareness

Internet and Mobile Banking Frauds

What is Phishing?

The most frequently used method is to send a spam email or instant messages to many people with a malicious link. The spam email is designed in such a way to look exactly like an email sent by a legitimate company or bank.

The email may ask the recipient to click on a link and provide confidential information. Different techniques can be used to trick the recipient, such as Validation of account information, threat of account suspension, etc.

What you can do to save yourself?

  • You should avoid clicking on links, downloading files, or opening attachments in emails that are sent from unknown senders.
  • Look for signs that indicate that the website is secure such as a lock icon on the browser’s status bar or a “https:” URL, where ‘s’ stands for ‘secure’
  • Protect your system by regularly updating the anti-virus and anti-spyware software.
  • Make it a habit to change Awash Internet Banking password at regular intervals
  • Check bank statements regularly to find any anomaly.
What is Vishing?

A typical Vishing call involves a scammer, posing as an employee of your bank or some government body asking for personal details. Scammers may tell you many different reasons why they need this information. Regardless of the story you are told, the scammer will be aiming to convince you to divulge confidential personal and banking information, such as your PIN, password, card details, etc.

What can you do to avoid it?

  • Never share confidential information like your Awash Bank Secure Code, ATM PIN, passwords with anyone, even if the person claims to be a bank employee.
  • Just because your caller ID displays the phone number of a legitimate company, it does not guarantee that the call is genuine. Refrain from sharing your personal information with anyone.
  • Make the habit to change Awash Bank passwords and PINs regularly.
  • In case you have shared confidential information, immediately get in touch with your nearest Awash Bank branch or call us at 8980.
What is Smishing?

SMishing, short for ‘SMS phishing’, uses text messages containing Malware or Virus which attempts to collect personal information of the user. This vulnerability is becoming increasingly popular among miscreants as many mobile phone users keep their personal data, like bank account information, card info stored on their smartphones.

Typically, the scam is perpetuated by sending the user an SMS which asks him to download a legitimate-looking program which is actually a malicious software. Customers should be vigilant in using their mobile devices as a means to prevent this kind of attack.

How can you avoid being a victim?

  • Avoid clicking on links sent from unknown numbers or senders.
  • Do not respond to messages asking for your personal information, even if the person claims that he/she is from Awash Bank, other bank or government office.
  • Avoid downloading unauthorized applications on your mobile phone as it can leave your personal data exposed to threats.
  • If a text message urges you to act or respond quickly, stop and think before you do anything.
  • Never reply to a suspicious text message without verifying the source.
What is email spoofing?

By forging the email header, so that the message appears to have originated from a known source or sender (like a law enforcement agency, renowned company, or even your bank), fraudsters trick the recipients to open and respond to mails with their personal information.

How can you detect a spoofed email?

  • Do not click on links that ask for your personal information.
  • Always ensure that your system has updated anti-virus software.
  • Roll over any suspicious link and do not click on it if it is not identical to what the link says.
  • Avoid opening emails or clicking on links if you do not recognize the sender.
  • Nearly all email programs will let you float your mouse over an email address (or link in an email). What you see in the pop-up should be identical to what’s floating over.
What is Card Scamming while online shopping?

With the increasing number of e-commerce sites, online frauds are also on the rise. Unsafe websites are a common method used by fraudsters to lure vulnerable customers and get their information.

How can you protect yourself?

  • Shop only with reputed and reliable e-commerce sites. That’s why, you not only ensure good quality products but also a high degree of safety when you transact.
  • Keep your anti-virus, anti-spyware, spam filters, and secure firewall up-to-date.
  • Avoid putting your account-related details in a pop-up window, it may be a trick to capture confidential information.
  • Confirm that the website is secure before submitting your bank details or other sensitive information. Check these:
    • If the address bar is visible, the URL should start with ‘https://’ (‘s’ for secured) rather than the usual ‘http://’ and there should be a padlock in the address bar. If these are missing, it means your personal data is not being encrypted before transmission; it could be stolen by other parties.
  • Understand privacy policies, so that you know how they process and store your information.
  • Do not use a public computer for online shopping.
  • Avoid using public Wi-Fi.

ATM/Credit/Debit Card Fraud

What is Shoulder Surfing?

One of the easiest and the most convenient way to steal information is by Shoulder Surfing. As the name suggests, it is the practice of peeping over the shoulder of an unsuspecting user at an ATM or while they are on their phone, in order to obtain their personal detail, PIN, password etc.

Shoulder Surfing is an effective way to get information in crowded places because it’s relatively easy to stand next to someone and watch as they fill out a form, and enter a PIN at an ATM.

How can you protect yourself?

  • Do not accept help from strangers at the ATM.
  • Pay attention to your surroundings and look for suspicious individuals trying to peep into your screen.
  • Shield the screen/keypad by using your other hand while entering your PIN at the Awash Bank or any other ATM/ POS. Also, check for cameras.
  • Wait at the ATM until your transaction has ended and you are fully logged out. Leaving early gives the next person in line access to your account.
  • Regularly check your account balance and bank statements, and report any discrepancies to your bank immediately.
What is Fake Assistance?

“May I Help You?” is another ATM fraud employed by notorious elements preying on those new to use an ATM card. Once these perpetrators spot one, they will appear to be very helpful and offer assistance to the unsuspecting cardholder but in truth, these perpetrators are already memorizing the card number and PIN, which later can be misused.

How to protect yourself from Fake Assistance ?

  • Observe your surroundings. Stay alert once you enter the ATM room.
  • Never allow a stranger to assist you while using an ATM.
  • Avoid asking for help from strangers, especially if they look suspicious.
What is Skimming?

Skimming is an act of stealing information from the magnetic strip of the cards that are used at ATMs or merchant establishments. To do this, they conceal a small device called a skimmer to record the card information. Skimming can occur in ATMs, restaurants, shops, or other locations.

At ATM machines

Fraudsters insert a skimming device to the ATM’s card slot. This device scans the card and stores its associated information. A tiny strategically positioned camera is used to capture the PIN. Later, the fraudsters download the data from skimming device which is further used to create counterfeit cards.

At Restaurants/Shopping Outlets

At restaurants and shopping outlets, the Credit Card is swiped twice, once for a regular transaction and the other in the skimmer that captures the card information which is retrieved later by the fraudsters.

How can you avoid being duped by a skimmer?

  • When at the ATM or merchant outlet, look out for suspicious objects like hidden cameras, an unusual looking keypad or any other suspicious object fitted into the card slot
  • Cover the keypad when entering your ATM PIN.
  • Monitor your bank transactions and notify your bank as soon as you identify any suspicious transaction.
  • Keep your PIN a secret. Never reveal it to anyone at restaurants, petrol pumps and even to someone who claims to be calling from your bank or a police officer.
  • Check that other people in the queue are at reasonable distance away from you.
  • Be cautious if strangers offer to help you at an ATM, even if your card is stuck or you are having difficulties. Do not allow anyone to distract you.
What is Identity Theft?

Identity Theft is the deliberate use of someone else’s identity, usually as a method to gain a financial advantage or obtain credit and other benefits in the other person’s name and perhaps to the other person’s disadvantage or loss. Identity Theft occurs when someone uses another’s personally identifying information, like their name, identifying number, date of birth, etc. without their permission to commit fraud or other crimes.

How to protect yourself from Identity Theft?

  • Whenever you give details like name, address, identity proof, address proof, etc., ensure that the person to whom details are being given is genuine and authorized by the Bank.
  • Avoid sharing personal details at public places like malls, shopping complexes or online under the pretext of gift or holiday packages, etc.
  • Get in touch with your nearest branch or seek phone banking assistance in case of any suspicious calls.
  • Ensure your correct mobile no. is registered for getting SMS alerts and review transactions regularly.
  • Don’t share your personal information on emails from unknown sender.
  • Read the reviews about unknown organizations before responding to their emails.

Security Measures and Tips

Security Measures and Tips for Mobile/Internet Banking
  • Do not give app access to unknown users.
  • Always download the application from secured sources like Play Store and App Store.
  • A strong password is critical to your internet and mobile banking security.
  • Downloading application from third party or from unknown sources should be avoided.
  • Be cautious while accepting offers such as caller tunes or dialer tunes or open/download emails or attachments from known or unknown sources.
  • Do not store sensitive information such as Credit Card details, Mobile Banking password, user ID etc. on your phone /computer.
  • Change your PIN regularly.
  • Be cautious while using Bluetooth in public places as someone may access your confidential data/information.
  • Do not click on links embedded in emails/social networking sites claiming to be from the bank.
  • Avoid using internet banking on shared computers and public places like cafes and libraries.
  • Always remember to log-off on internet banking and close your browser when you have finished your online banking.
  • Install anti-virus and firewall software and keep it up-to-date to help detect and disable malicious software.
Security Measures and Tips for ATM
  • Memorize your PIN. Do not write it down anywhere, and certainly never on the card itself.
  • If your ATM card is lost or stolen, report it to your bank immediately.
  • If your card is stuck in the ATM, or if cash is not dispensed after you keying in a transaction, call your bank immediately.
  • If you have any complaint about your ATM/Debit/Credit Card transaction at an ATM, you must take it up with the bank.
  • If you get a transaction slip, shred it immediately after use if not needed.
  • Press the ‘Cancel’ key and wait for the welcome screen before moving out from the ATM. Remember to take your card and cash with you.
  • Do not conduct any transaction if you find any unusual device connected to your ATM.
Payment Cards Safety Measures
  • Do not let your debit or credit card out of your sight during a point-of-sale transaction.
  • Always take your debit or credit card with you at the end of any transaction.
  • Review your statements every month and report suspicious transactions immediately.
  • Report lost or stolen cards immediately.
  • Never give out your debit or credit card number or personal information over the phone. The only time Awash will ask for your account password is when you contact us. Awash will never ask you for your PIN.

 

Password Security

Creating Strong Passwords
  • Length & Complexity: Use passwords that are at least 12 characters long. Mix uppercase and lowercase letters, numbers, and special symbols.
  • Avoid Common Words & Patterns: Avoid dictionary words, personal information (like your name or birth date), and predictable sequences like “12345” or “password123.”
  • Passphrases: Consider using a passphrase (e.g., “BlueSkiesDancing2024!”) which is easier to remember but hard to guess.
  • Unique Passwords: Use different passwords for different accounts to prevent a single breach from compromising multiple accounts.
Password Management
  • Password Managers: Use a password manager to securely store and generate strong passwords for each of your accounts. This prevents you from having to remember all passwords.
  • Regular Updates: Change passwords regularly and immediately after any data breach or suspicious activity.
Multi-Factor Authentication (MFA)
  • What is MFA? MFA adds an additional layer of security by requiring more than just a password to log in. It usually involves something you know (password), something you have (e.g., a mobile phone for a code), or something you are (biometrics like a fingerprint or face scan).
  • How to Set Up MFA: Always enable MFA on critical accounts like banking, email, and social media. It’s usually found in the security settings.
  • Common MFA Methods:
    • Text Messages: A code sent to your phone.
    • Authentication Apps: Apps like Google Authenticator or Microsoft Authenticator generate one-time-use codes.
    • Hardware Tokens: Devices like YubiKey that provide an additional hardware-based authentication method.
Password Security in Public Spaces
  • Avoid Public Wi-Fi: Do not enter passwords when connected to unsecured public Wi-Fi. Use a VPN if you must access sensitive accounts on public networks.
  • Shoulder Surfing: Be aware of your surroundings when typing passwords in public to prevent others from observing your credentials.
  • Auto-Lock Devices: Ensure your devices are set to auto-lock after a short period of inactivity, and use secure PINs or biometric authentication.
  • Public Computers: Avoid using public computers (e.g., in libraries or internet cafes) to log into personal accounts as they may have key loggers or malware installed.
Open a Bank Account Online Today

Need more help?

8980
251 115-57-12-54
251 115-57-13-24
Call us, we’re available daily 9AM to 11PM

Already a customer?

You can find branches near you here or contact us for information here

Try Our App

A full features banking mobile app for bussiness & personal use.

Nov 21, 2024 EXCHANGE Rate
Currency Buying Selling
USD
122.8531 125.3101
GBP
151.0319 154.0525
EUR
133.2093 135.8735
AED
30.2697 30.8751
SAR
29.6358 30.2285
CHF
133.5662 136.2376

Exchange Rate
Close