PRECAUTIONS FOR SAFE BANKING


In today’s digital and advanced technology world, the ratio of cyber frauds related to stealing of personal password, debit / credit card details, PIN, other confidential details through multiple channels are increasing day by day.

It is necessary to protect confidential & sensitive details from fraudsters by adopting best security practices and applying them. We suggest following guidelines to avoid being the victim of fraud.

Please be careful of scam calls or notifications from persons or parties impersonating to be from Doha Bank / Customer Care / CID /Central Bank requesting to update your banking records instantaneously.

DO NOT share any sensitive information related to QID, OTP, Card & PIN or Passwords over phone, email and or any other means. Doha Bank will never call or send notifications for updating Bank records over phone call.

Monitor your transactions regularly. If you find any irregularities report the transaction to the bank. In case of suspicion (if there have been any unauthorized transactions), report the matter immediately to us on our 24-hour customer care number (+974) 44456000.

Report such suspicious communication / transaction immediately on (+974) 44456789.

Note: Important notification to avoid getting scammed during Events

  1. Be aware of fake ticketing websites / apps and only purchase tickets from official sources.
  2. Be cautious of emails and text messages that claim to be from official organizations.
  3. Don’t click on any links or attachments with regards to event unless you’re sure they’re legitimate.
  4. Don’t accept any cheap travel and ticket offers from fake websites related to event.
  • Changing passwords often helps in protecting your account from misusing even if it would have disclosed unintentionally or shared with someone. Do not use the same password for all your Bank accounts and other social media / email accounts.
  • Please ensure that anti-virus software is installed on your PC and regularly updated. The Operating systems and security patches should be updated regularly. It is prudent to enable the inbuild firewall on your PC to prevent any unauthorised control and access to data on your PC while surfing the internet.
  • Before submitting your banking details or other sensitive information, the following checks will help ensure that the site uses encryption to protect your personal data
    • If the address bar is visible, the URL should start with ‘https://’ (‘s’ stands for secured) rather than the usual ‘http://’. Please note the fact that website is using encryption doesn’t necessarily mean that the same is legitimate. It only tells you that data is being sent in encrypted form. Look for the padlock symbol on the left corner of address bar of the browser to ensure that the site is running in secure mode.
  • Do not disclose any personal information like your date of birth, billing address, etc., on the Internet because that can be misused in order to unlock your account password.
  • Never let anyone know your passwords, do not write them down on paper
  • Disable the “Remember Password” and “Auto Complete” function on your browser to prevent your browser from remembering Passwords
  • Always logout from active login to terminate your session, instead of closing the browser directly.
  • Always type the address of the bank website in the address bar of your browser or access it from your stored list of favorites.
  • Secure your device with biometric, PIN or pattern. Always keep strong password for your account, using special characters like # $ @ ! etc. in your password is highly recommended.
  • Don’t use unsecured open/public computer / Wi-Fi network to access mobile banking app and internet banking.
  • Don’t download from open-source apps and always download apps from app store and play store.
  • Don’t connect your mobile device to a data cable connecting device and share storage connection.
  • Avoid opening or replying to spam emails, even if purportedly sent by the Bank. Sometimes the fraudster tries to convince user by showing legitimacy of email / SMS & gain confidence for attracting user for performing further action.
  • Do not access the bank website through a link in an email or through another website which is redirecting to bank’s site.
  • Do not fall prey for phishing emails, phishing is a technique where customer receives email/SMS depicting it’s sent by bank asking for personal information like account numbers, internet banking user IDs and passwords, OTP, PIN, CVV etc.,
  • The email is designed in such a way that it will look exactly same as an email sent by the legitimate bank.
  • The email may have the links such as “Please click here to update your Account Information in order to keep your Bank Account or the Card Active.
  • The email contains the URL or image once clicked the user will be redirected to some other website to capture the information such as Customer ID, Password, Card details etc.,
  • Never click on any link or enter your login ID and password without verifying the authenticity of the web page.
  • To validate the authenticity please do check address bar is secure i.e., https:// and site address is https://online.qa.dohabank.com/ while doing login to internet banking.
  • Changing PIN (Personal Identification Number) often helps in protecting your account and misuse of debit / credit card even if it would have disclosed unintentionally or shared with someone.
  • Never let anyone know your PIN (Personal Identification Number), do not write them down on paper.
  • Never leave your debit / credit card unattended.
  • Never accept help from strangers when using an ATM.
  • Do not count your cash in front of the ATM.
  • When using your cards at ATM’s be alert that there are no additional devices (skimming machine) affixed on the card reader slot or keypad.
  • Cover yourself while entering PIN in ATM machine to make sure nobody sees your PIN.
  • Always fill any forms with your own pen and by yourself. Fraudsters may use vanishing ink to write the details and secure your signature using your pen.
  • Always check your card whether it is returned to you after a purchase. Make sure it is your card.
  • Enter the Debit / Credit Card PIN by yourself and don’t share the PIN with anyone.
  • Always collect the POS receipt to monitor the transaction.
  • Verify the amount before entering the PIN or taping the card.
  • Do not deposit the carbon print in any baskets at the swiping centers post making transaction.
  • It is also called as voice-based phishing. Vishing is very similar to phishing – the only difference is the technology & way of communication.
  • Vishing is a fraud in which the customers are tricked into revealing their critical and sensitive personal financial information to unauthorized persons / entities through voice-based technology. The vishing attacks are also being carried out using various voice-based channels like ISDN PRI (primary Rate Interface), Mobile PRI (Primary Rate Interface), VOIP, Landline or Mobile telephone etc.
  • Difference between phishing & vishing is that phishing involves the use of emails to trick you into providing your personal details whereas vishing involves voice or telephone services.
  • Fraudsters will ask you for bank details to claim prize money won through Lottery ticket.
  • Sim Swap fraud – If you find no network in your phone for the connection report immediately to telecom service provider. Fraudster will obtain replacement of your sim card to access your connection.
  • A typical vishing call involves a scammer, posing as an employee calling from your bank or another organization asking for your personal details & scammer could convince you to divulge the information with multiple reasons to seek the information from you.
  • Regardless of the story you are told, the scammer will be aiming to convince you to share the confidential personal and banking information, such as your QID, PIN or password. Even if you use your telephone keypad or keyboard to type in your details, if you are on the line with a scammer, the scammer can record them.