Fraud Awareness and Prevention - REaD Alert

Fraudsters don’t wear masks and don’t break into vaults. They pose as customer service agents. They send “urgent” texts. They mimic official websites. Citi’s Faces of Fraud campaign exposes the tactics scammers use to trick, impersonate, and steal to show you how to stop them in their tracks.

Be Aware Of The Top Three Scams In Dubai:

01.OTP & Verification
Code Scams

They ask for one code. They take everything. Scammers may claim to be from Citi and ask for your One-Time Password (OTP), push notification approval, or soft token. Don’t share any code, even if they seem legit.

Remember, Citi will never call, email, or message asking for verification codes.

02.Impersonation on Social Media & Messaging Apps

They don’t just call. They slide into your DMs, too. Fraudsters are now contacting people via WhatsApp, TikTok, Snapchat, and other platforms, pretending to be Citi staff, government officials, or even family members in trouble. If it feels rushed, emotionally charged, or suspicious in any way, it probably is.

03.Phishing Scams &
Too-Good-To-Be-True Offers

Fake websites with real consequences. You may receive emails, SMS, or pop-ups offering unbelievable deals, like fake discounts for Museum of the Future, Salik top-ups, traffic fines, or mobile recharges. These scams lead to fake pages designed to steal your information. Only trust official Citi platforms and payment channels.

Stay Vigilant. Stay Informed.

Fraud is always evolving, but the best protection is simple, pause and think. Don’t just click.

Explore our full guide to staying safe: click here to find out more

Steps to take if you suspect a possible fraud

Read it Twice

Scammers will bank on your inability to notice minor details and often create scenarios where you feel pressure to give your details. Explore this platform for interactive resources and guides to stay one step ahead of them.

Pause and observe

Take your time to fully understand the request or offer, especially if it requires you to share your personal information. Verify the sender’s information and do more research before you reply.

Report

Whenever you encounter suspicious material, report the activity to Citi or a relevant party and spread scam awareness.

Types of fraud and how to avoid them

Online/Mobile
Phishing
Vishing
Credit/Debit Card
Internet Fraud

Citibank Online

Citibank Online is a fast and safe way to manage your money; however, it is important to be aware of steps you should take to protect yourself against online fraud.

Citibank staff will never ask for your Citibank Online user ID and password.
Never give your password or PIN code details to anyone. None of our staff will ask you to voice out your t-PIN, e-PIN or ATM PIN.
Safely log on to Citibank Online Banking by entering the homepage of Citibank UAE www.citibank.ae(opens in a new tab) into your browser. Do not use website address or links attached in any e-mail or found through Internet search engines to log on to Citibank Online Banking.
Ensure that no one is watching you while you key in your Online Banking Password, Card Number, ATM Card/Credit Card Personal Identification Number (PIN), log on password, e-Statement password, or any other sensitive information.
Always log off your online session. Do not just close your browser. Follow the logoff instructions to ensure your protection.
Be aware of phony "look alike" websites which are designed to trick customers and collect their personal information. If you suspect a website is not what it purports to be, leave the site. Do not follow any of the instructions it may present to you.
Be alert to the threat of phishing. Phishing emails will attempt to trick recipients into disclosing sensitive personal information, such as user names, passwords and credit card details, by claiming to come from a genuine source. They are often extremely authentic looking and will direct users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
Never reply to emails that request your personal information and do not open emails from senders you do not recognize.
Do not use a shared computer or device that cannot be trusted for Online Banking.
Make sure your personal computer has the most current anti-virus software. Anti-virus software needs frequent updates to guard against new viruses.
Install a personal firewall to help prevent unauthorized access to your personal computer, especially if you connect through a broadband connection, network router, cable or DSL modem.
Clear your browser's cache and history after each session to ensure your account information is removed, especially if you are using a shared computer.
Be cautious of your wireless connections security, set a personal and unique password for your wireless network.
Do not install software or run programs from an unknown origin.
When creating passwords, try and use a mixture of letters and numbers and do not use personal information, such as date of birth or mother’s maiden name.
Do not use the same password for all your accounts.
Check your accounts on a regular basis and contact us immediately should you encounter any difficulties or irregularities.

If you are ever in doubt or you are suspecting that your online or personal security details may have been exposed, please contact our 24-hour Citiphone Banking Service at +971 4 311 4000 and a Citiphone Representative will be glad to assist you.

Mobile Banking

Install security patches and the latest software updates on your mobile phone. Do not download program/apps from unsecured sources.
Ensure that no one is watching you while you key in your User ID, Password, or any other sensitive information.
Always log off from your online session. Do not just close your mobile phone browser. Follow the logoff instructions to ensure your protection.
Set up a password for your mobile phone. This will help you prevent unauthorized use of your mobile phone and access to your personal information in case it is lost or stolen.
Remove temporary files and the cache stored in the memory of your mobile phone regularly since they may contain sensitive information such as your account number.
Delete sensitive SMS messages if they are no longer required and clear the browsing history regularly.
Do not leave your mobile phone unattended.
Avoid sharing your mobile phone with others.
Do not keep sensitive information such as your account numbers, PIN and logon passwords in your mobile phone.
Citi will never ask you to download external apps.

"Phishing" is an internet scam whereby fraudsters send emails with the intention to collect critical personal and financial information. These "phishing" emails look genuine and appear to be coming from a legitimate bank. They always contain a link to a "spoofed" website asking you to provide an update or confirm sensitive personal information and / or download and install “security software” by clicking on a link. Typically these emails will:

Carry a message stating urgent action is required due to a system or security upgrade.
Contain a warning stating that your account / card has been suspended or will be suspended and that you need to visit a “secure” link to activate or restore your account / card.
Contain a link to update your contact details like mobile number or email address. Clicking on the link would open a webpage which may appear to be very similar to Citibank Online but would actually be a spoofed site.

How to protect yourself

To access your account at Citibank Online always type www.citibank.ae(opens in a new tab) directly in the address bar of your browser.
DO NOT click on any link contained in emails even if it claims to take you to your account at Citibank Online as the underlying hyperlink could lead to a malicious site.
If you receive an email claiming to be from Citibank asking for your financial or confidential information or stating that your account has been suspended, do not respond. Forward the email to spoof@citicorp.com and then delete it from your inbox.
Do not send sensitive personal or financial information unless it is encrypted on a secure website. Regular e-mails are not encrypted.
In case you have inadvertently clicked on a link or responded to an email providing confidential information, please call our 24-hour Citiphone Banking Service at +971 4 3114000 immediately. Ensure to forthwith re-set your Citibank Online User Name, Password and ATM PIN/TPIN.
Ensure to keep your PC / Smartphone updated with latest Operating system patches and security software from a trusted vendor (Antivirus, Anti malware and Anti spyware).
Never download and install untrusted software as these may place key-loggers/malware on your PC/Smartphone which can capture all information that you type and send it to a hacker.
Be careful when you use a PC at a public place or one not having the latest security software.
Always log off by clicking on the “Log Out” / “Sign Out” icon on the Citibank Online website.
Never store your password or account/card information on paper or electronically on word, excel or text documents. Always keep your PC/Smartphone protected with a password/PIN.
When creating passwords, try and use a mixture of letters and numbers and do not use personal information, such as date of birth or mother’s maiden name.
Never reply to emails that request your personal information and do not open emails from senders you do not recognize.

Top Tip!

Citibank will never send you a communication asking for your confidential or sensitive information like Username, Password, Card or Account number, ATM PIN, Telephone PIN, OTP, Mothers maiden name, Date of birth etc.
You can hover your mouse pointer over hyperlinks (or buttons) to see the underlying website URL.

"Vishing" is a fraudulent scam whereby fraudsters make phone calls with the intention to collect critical personal and financial information. The fraudster might telephone you claiming to be from Citibank, in an attempt to obtain your personal information and make fraudulent use of your card/s or to access your account/s.

How to protect yourself

Do not assume a call is genuine because they know your name, or other personal information.
Do not assume a call is genuine by the caller ID information.
If you are suspicious say no to requests for information. To validate the call please call our 24-hour Citiphone Banking Service at +97143114000.

Top Tip!

Citibank will never call you asking for confidential or sensitive information like Username, Password, Card or Account number.
Citibank will never ask you to voice out your ATM PIN, Telephone PIN, and OTP.

Credit /debit card fraud is a crime when your credit / debit card can be reproduced in order to use the credit balance to obtain a financial benefit. The creation and/or alteration of a credit/debit card occur when the information contained on the magnetic strip is compromised. This type of crime is known as ‘skimming’.

Credit /debit card fraud can also occur when your card is lost or stolen and used by a third party to purchase goods or to withdraw cash from the cards.

Your cards can also be compromised by a dishonest merchant who undertakes unauthorized duplicate transactions on your card.

How to protect yourself

Memorize your personal identification number (PIN). Don't use the same PIN for all your cards, and don't choose your birth date or other easily identifiable numbers that might be on something else in your wallet.
Do not use the same ATM card/credit card PINs for accessing other services.
Change your ATM card & credit card PIN regularly.
Never disclose your PIN information to a third party and never store your PIN in a way that it could be recognized.
If your PIN is lost or has been identified by another person, please contact your bank to report the case immediately.
Check statements and call us immediately if you see anything suspicious on your statement.
Always keep your cards in your possession and never let them out of your sight especially in restaurants.
Always sign your card in ink as soon as you receive it.
Be careful when disposing of receipts from card transactions, as they will contain sensitive information. If possible, shred all unwanted receipts.
Do not give your card to another person to use.
Try to use ATM’S which are positioned in busy, well lit areas and if you spot anyone suspicious hanging around do not use it.
Fraudsters use devices to steal your card details and PIN so before you use an ATM, look for any signs of tampering or damage.
Shield your PIN when authorizing purchases or making cash withdrawals from an ATM.
If your card is retained call us immediately.

Paying by card is the most frequently used payment option and more and more customers’ everyday are opting to choose internet shopping. However we all need to be vigilant whilst shopping online to prevent ourselves from the possibility of falling victim to fraud.

This crime involves the theft of genuine card details that are then used to buy things over the internet or by phone, fax or mail. Always be aware of who you are dealing with.

How to protect yourself:

Avoid entering your card details on shared or public computers.
Always remember to log out of any websites where you’ve entered your card details.
Only enter your card details on secure sites (i.e., those whose web address begins with ‘https’ and have a padlock in the browser window).
Keep a close eye on your statements and report any fraudulent transactions immediately.

Spotting real vs. fake advertising: Tips to protect yourself

What is homograph phishing?
75% fake free discounts
Immigration imitation

What is homograph phishing?

Homograph phishing is a type of online scam where attackers use characters from different alphabets that look identical or very similar to trick users into visiting malicious websites. These characters, known as homographs, can be used to create deceptive URLs that appear legitimate.

What should you do?

Examine the web address for unusual characters, misspellings, or irregularities.
Ensure the domain or sender name is legitimate.
Hover over links to preview the actual URL before clicking.
Employ software that can help identify and block phishing attempts.

75% fake free discounts

Fake discount scams are one of the most popular forms of online fraud. Scammers will offer big deals or discounts to your favorite brands and trick you into revealing personal or financial information.

What should you do?

Be cautious of big discounts or offers that seem too good to be true.
Check the legitimacy of the website or seller by researching reviews and verifying contact information.
Avoid clicking on links in unsolicited emails or messages promoting discount offers.
Beware of urgency tactics such as limited-time offers or countdown timers.
Use secure payment methods and payment portals.

Immigration imitation

Residency renewal scams targeting immigrants or expatriates are a popular way to obtain your personal information or payment for fake renewal services. Scammers will impersonate government officials or immigration agencies to create a sense of urgency and fear.

What should you do?

Verify the authenticity of the communication by contacting the official government agency directly.
Be wary of unsolicited emails, phone calls, or messages claiming to be from immigration authorities.
Check for grammatical errors or inconsistencies in the communication.
Educate yourself about the legitimate renewal process for your residency status.
Report any suspicious communications or requests.

Life & Money

Find out more about fraud and how to stay vigilant to the common scams out there. Read more!

Be Aware Of The Top Three Scams In Dubai:

01.OTP & Verification
Code Scams

02.Impersonation on Social Media & Messaging Apps

03.Phishing Scams &
Too-Good-To-Be-True Offers

Stay Vigilant. Stay Informed.

Steps to take if you suspect a possible fraud

Read it Twice

Pause and observe

Report

Types of fraud and how to avoid them

Spotting real vs. fake advertising: Tips to protect yourself

What is homograph phishing?

What should you do?

75% fake free discounts

What should you do?

Immigration imitation

What should you do?

Life & Money

Hit by bank fraud in the UAE? Here’s what to do next(opens in a new tab)

Citibank Security Tips for Fraud Protection(opens in a new tab)

Five Common Types of Fraud(opens in a new tab)

Safety and Security Tips to Guard ATM/Debit Card Fraud(opens in a new tab)

Important Information

Be Aware Of The Top Three Scams In Dubai:

01.OTP & Verification Code Scams

02.Impersonation on Social Media & Messaging Apps

03.Phishing Scams & Too-Good-To-Be-True Offers

Stay Vigilant. Stay Informed.

Steps to take if you suspect a possible fraud

Read it Twice

Pause and observe

Report

Types of fraud and how to avoid them

Spotting real vs. fake advertising: Tips to protect yourself

What is homograph phishing?

What should you do?

Life & Money

Hit by bank fraud in the UAE? Here’s what to do next(opens in a new tab)

Citibank Security Tips for Fraud Protection(opens in a new tab)

Five Common Types of Fraud(opens in a new tab)

Safety and Security Tips to Guard ATM/Debit Card Fraud(opens in a new tab)

01.OTP & Verification
Code Scams

03.Phishing Scams &
Too-Good-To-Be-True Offers