We would like to caution you against the fraudulent emails which claim to have come from the Bank Sohar. These emails ask the customer to verify their personal details by clicking on a link and some of them threaten to restrict the Internet Banking access or similar such action in case you do not respond.
We would like to re-iterate that as a policy, we would never ask for your passwords, PIN’s and personal details through an email, SMS or voice calls.
We seek your cooperation by forwarding all such suspicious emails to email@example.com
Information Security Officer
Bank Sohar SAOG
- Phishing is a modus operandi wherein a customer gets an e-mail that deceptively claims to be from a particular enterprise (like your Bank) and asking for account sensitive information.
- The fraudster sends "spoofed" emails that appear to come from a legitimate website that you have online dealings with such as a bank, credit card company or an ISP (Internet Service Provider) - any site which requires users to have a personal identity or account. The email may ask you to provide with your account details in order to "update security" or for any other reason.
- Some of these Phishing mails have a legitimate-looking URL or an image, which when clicked directs the affected user to the Phishing site where in the account sensitive details are captured. Alternatively, sometimes the customer is asked to download and install "Security" software attached to the spam e-mail and doing so by the customer, the scamster can retrieve all the account related details.
Tips to Identify Phishing Mails
- These emails generally ask for sensitive account information like Usernames, Passwords, Credit Card or Debit Card Numbers over the email.
- The emails may include contents having a link to the banks website/internet banking site requesting you to update your Account Information in order to keep your Bank Account active. Bank Sohar would never send such emails. In any case if you receive such emails, SMS and Voice Calls, always refer back to the Bank and check for the legitimacy.
During login to Bank Sohar Internet Banking, always look on the address bar to ensure that the Internet Banking site and the website have https:// in the address link.
Protection from Phishing Attacks
Please note the following points that will help you protect yourself while using Internet Banking:
- At Bank Sohar, we would never ask for your passwords, PIN’s and personal details through an email, SMS or voice calls. If any of our bank personnel asks you for your password, do not disclose it and report the same immediately to us.
- Never respond to emails that request personal information.
- Do not click any links inside an e-mail of which you have the slightest suspicion. Instead use a web browser to reach a particular web address. Type http://www.banksohar.net instead of clicking on the link.
- Check whether the site that you are visiting is genuine: Before submitting your bank details or other sensitive information, the following checks will help ensure the genuineness of the site.
- Always login via www.banksohar.net
- The internet banking site address should start with “https://” (‘s’ stands for secured) rather than the usual “http://”. Please note that the fact that website is using encryption doesn't necessarily mean that the same is legitimate. It only tells you that data is being sent in encrypted form.
- Look for the padlock symbol () in the Bank Sohar secured login/ sign-in page and double click on it to view the certificate. The padlock symbol is at the bottom status bar or in the address bar of the page.
- Keep your password confidential and change them often. Changing passwords often helps in protecting your account even if inadvertently you may have disclosed it to someone.
- Always use Virtual Keyboard provided for entering passwords when you are accessing the internet banking site from a Cyber Cafe/Public computer.
- If you receive any e-mail claiming to be from Bank Sohar regarding updating sensitive account information or clicking a link for login into the Bank’s Internet Banking site , please let us know by forwarding the e-mail to firstname.lastname@example.org or call our call centre on +968 2473 0000.
If you suspect that you have become a victim of a Phishing attack and already have divulged your sensitive account information to fraudsters, please report the same to the nearest branch or call the call centre or write in to us at email@example.com