Fraudulent emails are used by criminals to lure you to fake websites, which resemble original websites of financial institutions, and ask you to divulge personal information such as account number, debit card number, PIN number or Security Authentication Key.

The most common type of phishing e-mail purports to be a security message requesting you to validate your personal details or security questions. However, the details you confirm are then sent to the criminals.

Kuwait Finance House PLC would NEVER request such personal information from you, our customer, in such an e-mail.

How to protect yourself

• You should never access Kuwait Finance House PLC’s online banking facility via a link contained in an e-mail.
• To access Kuwait Finance House PLC’s online banking facility either type https://www.mye-bankonline.com on your web browser or go direct to the Kuwait Finance House PLC online banking site at www.uk.kfh.com and then follow the link to the Mye-bank Internet banking site. These sites are secure and you will see the padlock symbol displayed on the status bar of your computer.
• Be very suspicious of any e-mail or phone call received from a business or person that asks for your password, passport number, account or debit card information unless you have initiated the transaction. Similarly, be wary of any communication that sends your personal information and asks you to update or confirm it.
• Use a unique password or PIN and change it regularly. You should never disclose your password or PIN to anyone – not even to Kuwait Finance House PLC employees.
• Monitor your transactions. Review your order confirmations, debit card and Bank Statements as soon as you receive them to make sure you are being charged only for transactions that have taken place. Immediately report any irregularities to the bank.
• If you receive any such Phishing email immediately advise the Kuwait Finance House Contact Center on +973 1722199.

• Similar in nature to e-mail phishing, pharming seeks to obtain personal or private (usually financial related) information through domain spoofing. Rather than being spammed with malicious and mischievous e-mail requests for you to visit spoof Web sites which appear legitimate, pharming ‘poisons’ a DNS server by infusing false information into the DNS server, resulting in a user’s request being redirected elsewhere. Your browser however will show you are at the correct Web site, which makes pharming a bit more serious and more difficult to detect. Phishing attempts to scam people one at a time with an e-mail while pharming allows the scammers to target large groups of people at one time through domain spoofing.
  How to protect yourself 

• The Security of the site begins with encryption of the communication channel. We have secured the Internet banking site with strong encryption. To ensure that you are browsing a secured site, look for an “s” after “http” in the webpage address or url.
• Ensure that the address bar is green in color and the certificate is valid.
• Report the incident to Kuwait Finance House Contact Center at +973 17 221999

With the evolution of e-mail, users have been targeted by global email scams that are intended to collect critical personal and financial information from unsuspecting victims.
• Illegitimate offers are e-mails that entice users to purchase popular goods or services at reduced prices (or before they’re available to the general public), with no intent to deliver those purchases. Usually, these e-mails are designed primarily to obtain debit card or bank account information.
• Requests for help usually offer a recipient large sums of money or attractive rewards in exchange for “short term” financial assistance. One common example is the “sender” who asks the user to supply a bank account number to “hold” large sums of money until the “sender” can retrieve it. In exchange, the recipient is promised a percentage of the deposit. The “sender” uses the bank account number for fraudulent activity, and the recipient never receives the promised funds.
How to protect yourself 
• Be very suspicious of any e-mail or phone call received from a business or person that asks for your password, passport number, account or debit card information unless you have initiated the transaction.
• Always be wary of unsolicited emails offering large sums of money.
• Monitor your transactions. Review your order confirmations, Debit Card and Bank Statements as soon as you receive them to make sure you are being charged only for transactions that have taken place. Immediately report any irregularities to your bank.
• Inform Kuwait Finance House Contact Center at +973 17 221999

Key loggers are software programs that capture a computer user’s keystrokes. Such systems are used by hackers to obtain passwords or encryption keys and thus bypassing other security measures.
A Trojan is a program that appears legitimate, but performs some illicit activity when it is run. It may be used to locate password information or make the system more vulnerable to future entry or simply destroy programs or data on the hard disk. A Trojan is similar to a virus, except that it does not replicate itself. It stays in the computer doing its damage or allowing somebody from a remote site to take control of the computer. Trojans often sneak in attached to a free game or other utility.
How to protect yourself 
• Never use computers located in public places such as Internet cafes or airport lounges for online banking.
• Install a Personal Firewall and anti-virus software with latest security patches and anti-virus signatures.
• Always remember to update your antivirus signature
• Do not visit suspicious sites. If you suspect that a website is not what it purports to be, leave the site immediately. Do not follow any of the instructions it presents.
• Monitor your transactions. Review your order confirmations, Debit Card and Bank Statements as soon as you receive them to make sure you are being charged only for transactions that have taken place. Immediately report any irregularities to your bank.

Identity theft happens when a criminal obtains your personal information to steal money from your accounts, open new debit cards, apply for loans, rent apartments and commit other crimes – all using your identity. These acts can damage your debit, leave you with unwanted bills and cause you countless hours and frustration to clear your good name.
How to protect yourself 
• If you’re a victim of identity theft or account fraud, you should contact Kuwait Finance House PLC Contact Center at +973 17 221999.

Authorised push payment (APP) fraud happens when you are tricked into sending money to an account which belongs to the scammer. These scammers use sophisticated technology and manipulate you (this is called social engineering) to send money to the scammer’s account. A common tactic is to hack into your email account to monitor emails looking for payments you intend to make and then pose as the beneficiary to convince you to change the account details from those of the genuine beneficiary to the scammer’s.

ATMs have simplified personal cash management and allow withdrawal of cash outside of banking hours. However the frequency of ATM frauds has also increased.

Different types of fraud:

Card Skimming:
Criminals install devices on ATMs to obtain/skim the card account details and record the PIN number entered by customer. This information is then used to make unlawful cash withdrawals with counterfeit cards.
Shoulder surfing: 
Criminals pretend to help unsuspecting customers at the ATM, but in reality are memorizing the PIN number.
‘Operational Cash’ Departments: 
In tourist destinations where there are few banks and ATMs criminals approach tourists and offer their services in directing them to local merchants who will utilize their point of sale device to issue cash (‘operational cash’ departments). The merchant then skims the card account details and uses a fake PIN entry device to obtain the cardholders PIN. This information is then used to make unlawful cash withdrawals with counterfeit cards.

How to protect yourself
• Be especially cautious when strangers offer to help you at an ATM, or if you notice any suspicious activity at or around the ATM area.
• Use ATM locations that you are familiar with so any changes will be more apparent; for example, a false attachment on the front of the machine.
• Ensure that other individuals at the ATM queue keep an acceptable distance from you. Be on the look-out for individuals who might be watching you enter your PIN.
• Stand close to the ATM and shield the keypad with your hand when keying in your PIN.
• If you feel the ATM is not working normally, press the Cancel key and withdraw your card and then proceed to another ATM, reporting the matter to the bank.
• Keep your printed transaction record so that you can compare your ATM receipts to your monthly statement.
• If your card gets jammed, retained, or lost, or if you are interfered with at an ATM, report this immediately to the bank.
• Do not be in a hurry during the transaction and carefully secure your card and cash in your wallet, handbag or pocket before leaving the ATM.
• Memorize your PIN (if you must write it down, do so in a disguised manner and never carry it with your card).
• NEVER disclose your PIN to anyone, whether to a family member, bank staff or police.
• Use unique PIN numbers and never use numbers like your date of birth, or the last four digits of your phone number. Change your PIN periodically, and if you think it may have been compromised, change it immediately.
• Only use approved ATMs or banks to make cash withdrawal transactions.
• If you suspect or identify any of the above please contact Kuwait Finance House Contact Center at +973 17 221999.

Please contact us without delay if your debit card has been lost/stolen or if you believe you have been a victim of payment fraud such as APP fraud so we may stop the transaction and try to recover your money.
Telephone: +44207 487 6679
Email: info.kfhplc@kfh.com

Security Best Practices you should follow:
1. Ensure that your browser is up to date and security patches applied
2. Always install the latest operating system patches and Service Packs.
3. Always use anti-virus software. Keep your anti-virus software up-to-date. The following are few of the antivirus software
• McAfee
• Symantec Norton Antivirus
• Sophos
4. Consider using personal firewall software on your PC. The common commercial personal firewall software are
• Zone Alarm
• Symantec – Norton Personal Firewall
• McAfee
5. Use Anti-Spyware software. The following are few of the programs that detect and eliminate spyware from your PC.
• Lavasoft’s Ad-aware
• PepiMK’s Spybot Search and Destroy