Types of Fraud

Phishing

What is Phishing?

  • Phishing is a way of attempting to acquire information such as usernames, passwords, PIN, bank account, debit card details by masquerading as a trustworthy entity details through electronic communication means like e-mail. Phishing is typically carried out by e-mail spoofing or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users.

If something seems fishy…it’s probably phishing. Here are some tips to keep in mind to avoid falling victim so that we protect our Bank and its data:

  • Double-check that the sender’s email address matches who they claim to be
  • Don’t click a link or download from emails sent by someone you don’t know, or weren’t expecting
  • Typically, these emails will be poorly drafted with spelling mistakes. This should serve as an alert.
  • Don’t reply to a suspicious email or message from an email you don’t recognize

Pharming

Similar in nature to e-mail phishing, pharming seeks to obtain personal or private (usually financial related) information through domain spoofing. Rather than being spammed with malicious and mischievous e-mail requests for you to visit spoof websites which appear legitimate, pharming ‘poisons’ a DNS server by infusing false information into the DNS server, resulting in a user’s request being redirected elsewhere. Your browser however will show that you are at the correct website, which makes pharming a bit more serious and more difficult to detect. Phishing attempts to scam people one at a time with an e-mail while pharming allows the scammers to target large groups of people at one time through domain spoofing.

How to protect yourself?

  • If you are using Internet Explorer 7 and the address bar turns RED, do not continue, as this is an indication that you are connected to a fake web site.
  • You can also verify that you are connected to the right server by clicking on the gold padlock icon and then click on “View Certificates” to see you are connected to the right server.

Fraudulent Emails

With the evolution of e-mail, users have been targeted by global email scams that are intended to collect critical personal and financial information from unsuspecting victims. Illegitimate offers are e-mails that entice users to purchase popular goods or services at reduced prices (or before they’re available to the public), with no intent to deliver those purchases. Usually, these e-mails are designed primarily to obtain debit card or bank account information.

Other fraudulent emails are in the form of requests for help that usually offer a recipient large sum of money or attractive rewards in exchange for “short term” financial assistance. One common example is the “sender” who asks the recipient to supply a bank account number to “hold” large sums of money until the “sender” can retrieve it. In exchange, the recipient is promised a percentage of the deposit. The “sender” uses the bank account number for fraudulent activity, and the recipient never receives the promised funds.

How to protect yourself?

  • Be Very Suspicious of any e-mail or phone call received from a business or person that asks for your password, passport number, and account or debit card information unless you have initiated the transaction.
  • Always be wary of unsolicited emails offering large sums of money.
  • Monitor your transactions. Review your order confirmations, Debit card and Bank Statements as soon as you receive them to make sure you are being charged only for transactions that have taken place. Immediately report any suspicions to BBK.

Key Loggers and Trojans

Key loggers are software programs that capture a computer user’s keystrokes. Such systems are used by hackers to obtain passwords or encryption keys and thus bypassing other security measures.
A Trojan is a program that appears legitimate but performs some illicit activity when it is run. It may be used to locate password information or make the system more vulnerable to future entry or simply destroy programs or data on the hard disk. A Trojan is similar to a virus, except that it does not replicate itself. It stays in the computer doing its damage or allowing somebody from a remote site to take control of the computer. Trojans often sneak in attached to a free game or other utility.

How to protect yourself?

  • Never use computers located in public places such as Internet cafes or airport lounges for online banking.
  • Install a Personal Firewall and anti-virus software with latest security patches and anti-virus signatures.
  • Always remember to update your antivirus signature.
  • Do not visit suspicious sites. If you suspect that a website is not what it purports to be, leave the site immediately. Do not follow any of the instructions it presents.
  • Monitor your transactions. Review your order confirmations, Debit card and Bank Statements as soon as you receive them to make sure you are being charged only for transactions that have taken place. Immediately report any irregularities to your bank.

ATM Type Fraud

ATMs have simplified personal cash management and allow withdrawal of cash outside of banking hours. However the frequency of ATM frauds has also increased.

Different types of fraud:

  • Card Skimming: Criminals install devices on ATMs to obtain/skim the card account details and record the PIN number entered by a customer. This information is then used to make unlawful cash withdrawals with counterfeit cards.
  • Shoulder surfing:  Criminals pretend to help unsuspecting customers at the ATM, but in reality are memorizing the PIN number.
  • ‘Operational Cash’ Departments: In tourist destinations where there are few banks and ATMs criminals approach tourists and offer their services in directing them to local merchants who will utilize their point-of-sale device to issue cash (‘operational cash’ departments). The merchant then skims the card account details and uses a fake PIN entry device to obtain the cardholders PIN. This information is then used to make unlawful cash withdrawals with counterfeit cards.

How to protect yourself?

  • Be especially cautious when strangers offer to help you at an ATM, or if you notice any suspicious activity at or around the ATM area.
  • Use ATM locations that you are familiar with so any changes will be more apparent, for example, a false attachment on the front of the machine.
  • Ensure that other individuals at the ATM queue keep an acceptable distance from you. Be on the look-out for individuals who might be watching you enter your PIN.
  • Stand close to the ATM and shield the keypad with your hand when keying in your PIN.
  • If you feel the ATM is not working normally, press the Cancel key and withdraw your card and then proceed to another ATM, reporting the matter to the bank.
  • Keep your printed transaction record so that you can compare your ATM receipts to your monthly statement.
  • If your card gets jammed, retained, or lost, or if you are interfered with at an ATM, report this immediately to the bank.
  • Do not be in a hurry during the transaction and carefully secure your card and cash in your wallet, handbag or pocket before leaving the ATM.
  • Memorize your PIN (if you must write it down, do so in a disguised manner and never carry it with your card).
  • NEVER disclose your PIN to anyone, whether to a family member, bank staff or police.
  • Use unique PIN numbers and never use numbers like your date of birth, or the last four digits of your phone number. Change your PIN periodically, and if you think it may have been compromised, change it immediately.
  • Only use approved ATMs or banks to make cash withdrawal transactions.

Smishing

Smishing uses cell phone text messages to lure users in a similar fashion like Phishing. They take the form of text messages that claim to be from legitimate entities and are often used in combination with other techniques to bypass inbuilt protections. They might also direct victims to malicious websites on their phones.

Typical Examples of Smishing Attacks

  • Dear BBK customer, You are successfully registred for BBK new updates. For full details: SMS as HELP +9122567830 & Download app BBK qulk app- BBK Team
  • We are sorry but-BBK Debit Card is temporarily blocked. visit bbkindia-7484.tbm5430.com

Best Practices To Follow To Avoid Smishing Attacks:

  • Be suspicious of any text messages containing urgent request for personal or financial information.
  • Do not share any sensitive information over text messages.
  • Do not click on any links on the SMS
  • Please call the branch for help or refer to the information only on the official website of the bank.

Get In Touch With Your Branch If You Have

  • Provide personal information to anyone
  • Noticed any unusual activity in your account
  • Received an SMS about updating data through a link

Identity Theft

Identity theft happens when a criminal obtains your personal information to steal money from your accounts, open new debit cards, apply for loans, rent apartments and commit other crimes – all using your identity. These acts can damage your credit, leave you with unwanted bills and cause you countless hours and frustration to clear your good name.

Bank of Bahrain & Kuwait B.S.C is now registered with DICGC.

|

All the locker –Hirer are advised to execute the fresh locker agreement by contacting through their base branch on immediate basis as per the RBI revised instructions.

|

Dear Customer, as a valuable customer for our bank we welcome you to join the FX retail platform through the link https://www.fxretail.co.in/#/ for getting access to Forex dealing in USD/INR currency pair. In case of further queries, you can reach us on 022- 22-43349205/43349256/43349257 to Mr. B. Harikumar / Mr. S. Venkatachalam / Mr. Ankush Jain – Bank of Bahrain and Kuwait B.S.C"

|

“ATM/Debit card can be managed/blocked using mobile banking app “BBKonnect”- please download from App Store/ Play store.”

|

Dear Customer, Consequent upon spurt in COVID-19 cases across India and Government/local bodies actions, we request all our valued customers to use online banking for their regular banking transactions and also minimize use of cash as low as possible. Currency changing hands may also be carrying virus. For any help and details visit our website www.bbkindia.com . We assure our commitment to you and thank you for your co-operation in the current situation"

|

Reserve Bank of India(RBI) vide circular No DPSS.CO.RPPD.No 309/04.07.005/2020-21 dated Sepetember 25,2020 had announced introduction of Positive Pay System for CTS for all cheques value Rs 50000.00/- and above.

|

Dear Customer, As per Govt. guidelines and to ensure the health and safety of our customers,vendors and employees, all visitors to our branches are required to wear a face mask maintain social distancing. Entry will be allowed post screening for body temperature and status on the Aarogya Setu app. We request your co-operation in compliance of these guidelines.

|

An Appeal (Hindi-pdf) with reference to Pradhan Mantri Garib Kalyan Package, in the light of COVID-19.

|

“Dear Customer,Bank of Bahrain and Kuwait B.S.C. will never ask you to share sensitive information like OTP, CVV, passwords for moratorium on loan EMIs or any other payment. Beware of such fraudulent calls or emails. DO NOT share your OTP, User ID, Password, CVV, Expiry date etc with anyone. Stay safe and stay alert. To know more, visit www.bbkindia.com”

|

“Thank you for choosing to do business with BBK. Due to global COVID-19 pandemic, there is a great deal of uncertainty in the markets and in the current situation, BBK highlights the need for clients to carefully consider any new product and independently review risks at this highly sensitive and volatile time. We caution our clients to remain focused and vigilant in these times as the human, economic and financial impacts of this pandemic have already been huge, and it is not yet clear how quickly the situation will be brought under control and normal economic activity can resume.”

|

“As per RBI guidelines, National Electronic Fund Transfer (NEFT) is available 24 x 7 with effect from December 16, 2019.”

|

* TDS of 2% would be levied on cash withdrawals exceeding Rs 1 crore during a financial year. Click here for further details.

|

* Waiver / reduction of NEFT/RTGS charges with immediate effect Refer schedule of charges for details. Please click here for Revised service charges w.e.f.01.10.2022.

|

*Banking Facilities for Senior Citizens and Differently abled Persons.

|

* W.E.F 01.07.2017 Bank has been collecting GST @18% on applicable commission/service charges in lieu of service tax @15%.

|

* W.E.F 01.07.2017 GST on Forex conversions are being collected. Click here for rates.

|

* Please click here for current MCLR rates.

|

* Please click here for current interest rates on deposits.

|

* Details of Unclaimed Deposits. Please click here.

|

* FREE OF CHARGE unlimited usage of BBK ATM cards in other Banks’ ATMs.BBK ATM cards can be used in all ATMs of NPCI member Banks network. Click here for details.

|

*Safe Deposit Lockers facility available at our Hyderabad, Aluva & New Delhi branches. Please contact branch for details.

|

* Interest on all types of Savings Deposit shall be credited at quarterly intervals on the last working day of March, June, September and December.

|

* As per Income Tax rules, applicable TDS on deposit account is deductible on accrued interest. TDS so deducted is non-refundable.

|

* Customers are advised to register their mandates for payment before maturity on joint deposits held on "Either or Survivor" or "Former or Survivor" basis.

|

* Customers are advised to issue CTS compliant cheques only.

|

* BBK presently does not have any 3rd Party Agents/DSAs. The marketing & processing of all products are done through its branches, by the bank staff.

|

* Rupee Floating Loans/ Credit limits shall now be priced at MCLR effective 01/04/2016"click here for details

|