Security Awareness - anbcapital
anb capital role
anb capital Company (“anb capital”) regards its customers' information security on systems and internet as foremost priority. anb capital is committed to protecting your private information and continuing to adapt all effective security measures. anb capital complies with international information security best practices to provide state-of-the-art security controls. There is an ongoing internal security review process that is backed by external security review to provide assurance to our customers on available security level. anb capital monitors the internet for illegal or unauthorized use of the anb capital’s name and trademarks. The process includes detecting incidents of fraudulent websites that look similar to ours; such websites could threaten the privacy and security of our customers.
Today's new and biggest threat
anb capital would like to inform you about growing security threats that require your utmost attention.
Phishing
A criminal activity using attempts to fraudulently acquire sensitive information, such as usernames, passwords, account details, by masquerading as a trustworthy friend or company entity such as a company in an electronic communication or fake website. Phishing is typically carried out using email or an instant message, and often directs users to give details at a fake website, although phone contact has been used as well.
This is an attack against the identity of a person like you, our customer. Oftentimes referred to as ‘identity theft’, the attacker wants to get hold of your personal information, using various techniques e.g. fake websites, fake e-mails etc.
What can you do to help us prevent Phishers from taking advantage of you?
• Watch out for Phishing email scams. Ensure that you are connecting to the correct URL for anb capital i.e. anbcapital.com.sa.
• Avoid using “public” computers or network connections, especially when reviewing your financial information. In case you do use a “public” computer or network, when you finish using such computer or network, please delete personal files, cookies and clear the internet cache after use.
• Protect your laptop and other portable electronic devices from being stolen; enable hard disk encryption and require a password for access.
• Never give out personal or financial information to anyone in response to a request to update, validate or confirm your account information, unless you have initiated the contact and you know whom you are dealing with.
• Do not click on any link in chatting rooms or messages or call a phone number provided in suspicious emails even to update your information.
• Do not reply to emails that look suspicious or are asking for personal information such as your social security number, account number or password.
• Please note that anb capital will never send you an email asking you to respond with your personal information.
• If you have recently responded to an unsolicited email in which you provided any personal information regarding your anb capital account and you now suspect it may not have been anb capital, please contact us immediately so that we may take steps to protect your account.
• Customers should report any security incident to anb capital by email at info@anbcapital.com.sa or by calling 800-124-0055. This will enable anb capital to take appropriate actions to protect you.
Social engineering
The act of obtaining or attempting to obtain otherwise secured information by ‘conning’ an individual into revealing secure information. Social engineering is successful because its victims innately want to trust other people and are naturally helpful. The victims of social engineering are tricked into releasing information that they do not realize will be used to attack a computer network. For example, an employee at an enterprise may be tricked into revealing his User ID and Password to someone who is pretending to be someone from IT support team. The social engineer can use that information in conjunction with other information that has been gathered to get closer to finding a way into the enterprise’s network.
Phishing is a type of security attack that relies on social engineering in that it lures the victim into revealing information based on the human tendency to believe in the security of a brand name because they associate the brand name with trustworthiness.
Virus and spyware
This is the most common threat facing us today. Viruses, spyware, trojans and worms can do varying degrees of damage depending on their type. Customers should have up-to-date antivirus and anti-spyware software installed and enabled on their PC all the time.
Identity theft
Identity theft is a crime in which someone wrongfully obtains access to your personal information and uses it in a way that involves fraud or deception, usually for economic gain. Unfortunately, most identify theft victims do not realize that they have been targeted until the damage has been done, resulting in unknown charges or withdrawals to company accounts, or calls from collection agencies among other consequences.
Identity theft is the deliberate assumption of another person's identity, usually to gain access to their finances or frame them for a crime.
Password
Keep your password confidential and change it frequently. We would advise you, for your own security, not to use common information such as your birthday, telephone number or a recognizable part of your name as your password.
Customer role (things that you should do)
Customers also have to play their role to ensure on-line security. anb capital recommends that you adhere to the following security guidelines:
• Keep your Operating System updated with the latest security updates and patches.
• Use antivirus software with ongoing updates at all times.
• Use anti-spyware software with ongoing updates at all times.
• Use Firewall software with proper configuration.
• Review your internet security settings in the browser.
• Do not disclose your personal information and PIN to anyone.
• Keep your PINs, passwords and cards separate as well as confidential.
• Do not store banking details on your mobile phone to avoid misuse should your mobile phone be lost or stolen.
• PIN/ TPIN should be kept secret and should not be shared even with anb capital staff.
• Customers should report any security incident to anb capital by email at info@anbcapital.com.sa or calling 800-124-0055, so anb capital can take appropriate actions to protect you.
• Watch out for Phishing email scams. Ensure that you are connecting to right URL for anb capital i.e. www.anbcapital.com.sa.
• Avoid using “public” computers or network connections, especially when reviewing your financial information. In case you do use a “public” computer or network, when you finish using such computer or network, please delete personal files, cookies and clear the internet cache after use.
• Protect your laptop and other portable electronic devices from being stolen; enable hard disk encryption and password for access.
How to report suspected security incidents?
If you suspect that there has been an un-authorized breach of your account(s), or that an online transaction has taken place that you did not initiate, you should notify anb capital immediately by emailing the details to info@anbcapital.com.sa or by calling 800-124-0055.