Warning Issued by Emirates NBD over VAT Phishing Email Targeting its Customers
UAE tourists and residents are getting targeted by fraudsters in a latest scam ahead of VAT (Value Added Tax) refund system introduction, on November 18, 2018, for tourists. The biggest bank of Dubai has warned its customers to remain cautious from the latest phishing email scam that promised to offer a VAT refund.
As per Emirates NBD, the customer should not open the email having the subject 'VAT Refund Notification', which claims to have come from the bank. The bank wrote that "please be aware this is a phishing e-mail".
In this latest case, the fake email that came from email address 'firstname.lastname@example.org' and signed by Revenue and VAT Administrator of Emirates NBD, promises a VAT refund. The email then says that for accessing the refund - the form of VAT refund that comes as an attachment of the email must be downloaded by the customer; and once downloaded, then the customer should open it and follow the instructions that appear on the screen. After following the instructions, the customer will be re-directed to another website, which claims to be of Emirates NBD that asks for personal details like the customer's online username as well as password.
For those customers who follow the instructions and also gave their personal details, the fraudsters' buys some time from them, by adding this note in the end of email: "a refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline".
The bank says on their website "we urge you to be highly vigilant and always check the source before clicking on any links or attachments in e-mails". The bank also says that they never ask for personal details, like account number, mobile and online banking credentials, and credit or debit card details like username, password, three-digit CVV number or PIN, of customer.
Jeff Ogden, Middle East General Manager at Mimecast, applauded the warning and said that "VAT refund scams are simple in nature but are a good indication of the frequency, variety and the regional specificity of email impersonation attacks".
Ogden further said that though the initial attacks don't look like carrying malware, but stolen personal information or credentials could be re-used further for several follow-up attacks on various kinds of organisations. Ogden added that "consumer and employee awareness is important to help stop these cyber-attacks and it's great to see Emirates NBD on the educational count-offensive with prompt warnings and videos on social
» SPAMfighter News - 11/16/2018
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!