Several credit cards are being replaced across the UAE by some banks following a possible security beach involving online hackers.
'Emirates24|7' has learnt of at least two banks that have issued warnings to their customers and blocked their cards in order to issue replacement cards.
A call centre executive at an Abu Dhabi-based bank said on Monday that the bank is in the process of reissuing several affected credit cards following an online security breach.
“Not all cards and customers are affected. But at least several hundred customers are being issued new credit cards,” the executive said.
The bank had earlier sent SMS notifications to some of its cardholders informing them of the blockage and that it was just a precautionary measure.
“Dear Customer, Recently there have been incidents of fraudulent card transactions. As a precautionary measure, your XXXXXX Credit Card ending XXXX has been blocked to prevent any unauthorised use. The replaced Credit Card will be dispatched to you shortly. Please call 800XXXX for any information,” reads the text message.
When this website called the bank’s call centre to enquire, it was told: “Your card is not affected but hundreds of other cards could be vulnerable. I am not aware of the exact nature of the breach, but there has not been any successful fraudulent withdrawal. We are taking this step as a precautionary measure.”
A message from another bank stated the same. “Dear Customer, your credit card ending with XXXX is blocked for security reasons. New replacement card will be dispatched via courier within five working days. For more information please contact 800XXXX. Regards, XXXX.”
However, a call centre executive at this bank categorically said that it was an individual case and there had been no large-scale security breach.
“If a customer has received an alert, it might be because there was an [unauthorised] attempt to use his card.
"Otherwise, we do not have any security issue,” the call centre executive, from the section where lost cards are reported, said.
Meanwhile, a Dubai-based bank also had a message to some of its customers stating that international transactions were being blocked.
“Dear Customer, we will be restricting international usage on your credit card due to a possible security alert but you can continue using your card in UAE. To allow international usage please contact us at 600 XXXXXX,”
The bank, however, could not be reached for comments.
Last month, local media had reported about 12 UAE banks being hit by a Trojan virus - Infostealer.Dyre.
The virus mainly gets into machines that operate Windows and installs malware to steal banking information.
It is not known whether the latest breach is related to last month’s virus reports.
However, online security firm Kaspersky Lab in its latest announcement has warned that mobile banking has remained a main target for mobile threats.
The Trojan-SMS.AndroidOS.OpFake.cc which was capable of attacking no less than 29 banking and financial applications earlier has a latest upgrade.
“The Trojan’s latest version that emerged in Q2 is capable of attacking 114 (four times more) banking and financial applications.
Its main goal is to steal the user’s login credentials with which to attack, among others, several popular email applications,” said a note released by Kaspersky.
According to it there were 5,900,000 notifications about attempted malware infections to steal money via online access to bank accounts.
Amid the onslaught, credit card firms have been taking increasing measures to mitigate the threat.
“In the event of a data breach involving payment card data, Visa works with the breached entity and their financial institution to provide card issuers with the compromised accounts so they can take steps to protect consumers through independent fraud monitoring and, if needed, reissuing cards.
"Because of Visa's advanced fraud-monitoring capabilities, the incidence of fraud involving compromised accounts is actually rare, and fraud rates remain near historic lows,” said a statement from Visa.
“We are aware of reports of a potential incident, but don’t have any details to share at this time. To be clear, MasterCard's own systems have not been impacted. Safety and security is our number one priority at MasterCard. We always encourage cardholders to review their account statements and activity, and to subscribe to SMS alerts for transactions if available. If they suspect fraudulent or unusual transactions, they should contact the bank that issued their card for assistance and more information,” a MasterCard statement said.