1st of all I have been almost a victim to 2 fraud attempts in my 17 years in UAE. The 1st was from the US while the 2nd was from UAE. Both affected my UAE issued credit cards.
The 1st fraud attempt took place in Jan 2020. It was a result of me ignoring common sense pure and simple. When we were visiting New York, I visited a gas station in Staten Island which clearly looked dodgy but the car was low on fuel so I ignored common sense. The gas machine was asking for CCV/PIN so I put the PIN a couple of times and when it didn’t work. I then decided to go visit another gas station thinking that one was not working properly. Later, thank God, I discovered I was putting the wrong PIN. This incident resulted in a thief who successfully copied my credit card info but had the wrong PIN/CCV. As a result, when the thief tried to pay with my card online, the payment was rejected due to wrong CCV. I got a SMS of the rejected payment due to wrong CCV and of course called my bank and changed the credit card.
The 2nd fraud attempt took place in May 2023 when someone at 1 AM decided to use my credit card and buy something worth 47AED from a website in the US. The payment went through without OTP so that thief decided to add my credit card to his/her UAE Amazon account and use it to pay for something worth nearly a 1000 AED. I was saved by Amazon who rejected the payment. I woke up on a call from the bank’s credit card security team at 1 AM asking me if I make the transaction as Amazon flagged it fraudant.
The “thief” most likely got his/her hands on the credit card information from a security breach at one of online stores which saved my card information including the CCV without my consent or even alerting me that they are doing so.
So, the steps below does not offer 100% protection but they will make it harder and harder for you to suffer from a fraud transaction.
One last thing, protection and security walk hand by hand with inconvenience. Both have a price which you should be aware of (as in loss of credit card benefits for example) and ready to pay.
- Setup credit card spending limits. All banks now offer monthly and even daily spending limits which can be configured through their apps on your phone. For example, ADCB allows their customers to configure both daily and monthly spending limits while HSBC on the other hand allow their customers to only configure monthly spending limits for each of their credit cards. So, use this feature according to your needs and your panic level. For example, I have my ADCB cards set to 500 AED daily and 5000 monthly while my HSBC cards are setup to 1000 AED monthly. Then I adjust those limits accordingly if I need to exceed them and then revert them back to their old values once I am done.
- The good thing is that you get to keep all the benefits offered by the credit card
- The bad thing is the inconvenience this causes if you go to pay something and discover the you need to adjust the limit.
- Consider getting and using one of the prepaid credit cards which is topped up depending on how much you need. For example, Al Ansari Exchange offer such a card and you can top it up via a bank transfer using online banking from your phone. This is similar in a way to setting spend limits on your credit cards
- The good thing is if you suffer any fraud transaction(s) then only what you have in the card is lost without any further loss.
- The bad things are
- The inconvenience this causes if you get to pay something and discover the you need to top up the card.
- You lose all of your credit card benefits (cashback, airmiles, discounts,….)
- Consider using contactless payment solutions (Google Pay, Apple Pay, Samsung Pay) which hides your credit card details from merchants. They generate unique tokens (think of it as masked credit card numbers) to be used for each single transaction and can not be used more than once.
- The good thing is you do not need to carry your credit cards with you
- The bad things are
- Now you need to make sure your login credentials to such payment solutions are secure. To mitigate this risk, consider enabling MFA via either SMS or an authenticator app on your phone to login to such portals to make it much harder to gain access even if your username/password were compromised.
- The potential loss of credit card benefits (i.e cashback credit cards). You need to check with your bank if using these methods to pay your bills will cause any loss in benefits.
- Stop using your debit card for any purchases especially online ones. Debit cards have direct access to your bank accounts. Using them is just a BAD idea waiting to happen.
- Use RFID-blocking wallet which can help protect you against identity theft and fraud that might arise from electronic pickpocketing.
- VPNs are used widely in UAE. Avoid using “Free” VPN apps on your phone. Do not try to login to your banking app while those “free” VPNs are running and connected. If you need a VPN then get a paid service where you can be sure some level of security is there.
- If VPN is a must for you then I would suggest to consider either PureVPN or Hotspot Shield and I still would advise against login to online banking while using those VPNs.
Always remember that Humans are the weakest link in any security system. If you take all the above-mentioned precautions but you are using pirated software or Operating System on your computer/tablet/phone then you are just asking to be hacked. The same applies if you are using a jailbroken iPhone or an Android phone that was tampered with. It is no longer a question of if but a question of when.
Make sure to use original software and Operating System on your devices. Make sure you invest in your device’s security. I would suggest you buy Norton 360 for both computers and tablets/phones. There is a Norton 360 10-device license for 70$ annually (60$ for the 1st year). Though this may sound expensive to some, I can assure you it is worth every benny if configured properly on all your devices.
Use common sense and do not open/respond any messages or open any links that you receive on SMSs even if you are actually expecting a “package”. If you are expecting something, then get the carrier phone number from their website and call them personally. Configure WhatsApp not to download any media automatically to your phone.
Make it harder and too much trouble for a thief to robe you even if it causes inconvenience to you. It is all about tradeoffs. But I would rather suffer some inconvenience, which I can mitigate, rather than suffering a fraudant transaction that takes forever to solve.