Credit card details of many UAE residents have been stolen and the central bank has asked financial institutions to inform customers and cancel the cards.
"Please note that these details have been compromised and thus, contact the persons mentioned in the enclosed list if they are your customers, and take the required action to cancel the relevant credit cards," said a circular sent by the UAE Central Bank to local and foreign banks and finance companies operating in the UAE.
Sources told Khaleej Times that credit card details of around 250 customers have been compromised. The central bank details showed that all the cardholders are based in Dubai. However, the issuing banks were not mentioned in the curricula.
The curricular - sent to banks on November 29, 2017 - contains credit card numbers, email addresses and mobile numbers of the affected customers.
As reported by Khaleej Times recently, some UAE residents shared their harrowing stories on Reddit regarding card frauds they faced after transactions at shopping malls, petrol pumps, and online stores.
Residents have been advised not to share credit card details and PIN numbers with petrol station attendants, shopping mall receptionists and anyone on the Internet - not even with relatives and friends. The banks advise their cardholders to change PIN numbers time and again for security reasons.
John Shier, a senior security adviser, Sophos, said people should feel free to browse deals on their smartphones but be cautious of the wireless network they're connected to when shopping online.
"Only enter your credit card information when you're on a secure network that you trust. And remember the best way to keep your money safe is to use online payments systems such as PayPal or your credit card. Where possible, avoid using debit cards to purchase gifts online," says Shier.
The simplest - and one of the most common - methods employed by cybercriminals is that they take a popular online brand and change one letter or two to trick people into clicking and sharing personal information.
"Always check the spelling and be on the lookout for smart typo-squatting like the famous Tvvitter attack," adds Shier. But if a customer has fallen a victim to a phishing attack, he must change the password immediately and contact the bank to see if there has been any fraudulent activity.