Financial services

Dubai bank warns residents of VAT phishing email

Dubai’s Emirates NBD has warned customers to beware of a new phishing email scam which claims to offer VAT refunds.

The bank has warned customers to not open an email claiming to be from the bank with the subject line VAT Refund Notification.

In a statement in its website, Emirates NBD said, ” You may have received a recent e-mail with the subject line ‘VAT Refund Notification’, claiming to be from Emirates NBD. Please be aware that this is a Phishing e-mail.”

The bank urged its customers to be “highly vigilant and always check the source before clicking on any links or attachments in e-mails.”

Emirates NBD reiterated that it would never ask its customers for their personal details such as Account Number, Online and Mobile Banking credentials, and Debit or Credit Card details such as Username, Password, PIN or the three-digit CVV number. “Your online privacy and safety is of utmost importance to us. If you are unsure of any communication from Emirates NBD, please contact us on 600 54 0000.

Commenting on the bank’s swift warning and action, Jeff Ogden, general manager, Middle East, Mimecast, said, “VAT refund scams are simple in nature but are a good indication of the frequency, variety and the regional specificity of email impersonation attacks. Although these initial attacks don’t appear to carry malware, stolen credentials or personal information can be used for follow-up attacks on all types of organisations. Consumer and employee awareness is important to help stop these cyber-attacks and it’s great to see Emirates NBD on the educational count-offensive with prompt warnings and videos on social media.”

In its second-annual State of Email Security report, Mimecast revealed that more than 90 percent of global organisations reported the volume of phishing attacks have increased or stayed the same in past 12 months.

The company noted that email-based attacks are constantly evolving and this research demonstrates the need for organisations to adopt a cyber resilience strategy that goes beyond a defense-only approach.

Previous ArticleNext Article


The free newsletter covering the top industry headlines