At Mashreq, we take the security of your accounts very seriously. While we continuously upgrade our online security features to ensure you are always protected, it is also important you understand your role and obligations to ensure the safety of your information regarding online / mobile banking, ATMs, and Credit / Debit cards.
Guarding Yourself against Phishing Emails
- We have noticed a recent rise in the number of Phishing emails claiming to be sent out by reputable financial institutions, including Mashreq.
- Phishing is an attempt by fraudsters to ‘fish’ out your banking details by using a web-page that usually looks very similar to the bank’s web page. You are then asked to provide sensitive financial information including online banking passwords that can then be used to tap into your accounts.
- Phishing emails typically claim that access to your account is blocked, or a wrongful credit has been done to your account, or that your account needs to be re-activated. They then ask you to sign on to internet banking to confirm your details.
- Important: Mashreq will never contact you and seek your personal details such as account information, password etc at any time. Such information is only required for the normal Personal Internet Banking Sign On process. Please do not to respond to or share any personal information by clicking on any of the links provided within such emails.
Please take the time to find out what you can do to protect yourself against online risks
- If you receive an email requesting your Online Banking security details like PIN / Transfer Challenge Code, Password or Account Number, please do not respond or click on any link in the email. Mashreq will never send emails that ask for confidential information, other than the normal Online Banking sign on process.
- Whenever you use a link to access MashreqOnline, check for the web address (URL) it should always begin with https://banking.mashreqbank.com and should have a security padlock as shown below
Any phishing email will display the link as "www.mashreqbank.com", but after clicking the web address (URL) of the website that you are taken to will be totally different.
- On the Sign On page where you entre your User ID and Password please check the thawte certificate displayed on the right hand bottom below the virtual keyboard. Date displayed on this icon will always be current. This enables you to check the site's validity yourself. Always check a site's certificate before entering any sensitive information.
- We recommend that you type in the URL yourself whenever you access www.mashreqbank.com or bookmark / save the URL in your list of 'Favorites'.
- Delete suspicious e-mails without opening them. If you happen to open them, do not click any link or attachment they may contain.
- Regularly Sign On to your online accounts, so that you can identify any suspicious activity.
What are we doing to provide you a secure online banking environment
- Enhanced security features by introducing multi-level transaction limits initiated through online banking
- Instant alerts on almost all financial transactions initiated through MashreqOnline sent to your registered mobile number on our records (Please make sure you keep your mobile number & contact address updated by visiting any of our branches)
Important: If you receive an email claiming to be from Mashreq asking for your financial / personal information, please let us know immediately by calling our 24-Hour Customer Service Centre on +974 4408 3333 and forward the original email to email@example.com.
General Online Security Tips
Here are a few suggestions to further help you enjoy a secure online experience:
- Act quickly if you suspect fraud. If you believe someone is trying to commit fraud by pretending to be your bank, notify the bank immediately.
- Change your online banking password often.
- Do not visit suspicious sites. If you suspect that a website is not what it claims to be, leave the site immediately. Do not follow any of the instructions it presents.
- Be alert for scam emails. These may appear to come from a trusted business or friend, but are actually designed to trick you into downloading a virus or jumping to a fraudulent website and disclosing sensitive information.
- Do not send sensitive personal or financial information unless it is encrypted on a secure website. Regular emails are not encrypted and are more like sending a post card. Look for the padlock symbol on the bottom bar of the browser to ensure that the site is running in secure mode BEFORE you enter sensitive information.
- Make sure your home computer has the most current anti-virus software. Install a personal firewall to help prevent unauthorized access to your home computer. This is especially important if you connect to the Internet via broadband.
- Monitor your transactions. Review your order confirmations, Credit Card and Bank statements as soon as you receive them to make sure you are being charged only for transactions that have taken place. Immediately report any irregularities to your bank.