KNOW YOUR THREATS
COMPROMISED CARDS
A Compromised Card is a Credit or Charge Card that information may have been obtained by an unauthorized source and at risk of being used for fraudulent activity.
A Compromised Card is a Credit or Charge Card at risk of being used for fraudulent activity. Cards can be compromised following the theft of a computer, an unauthorised network intrusion, or other types of suspicious activity. Cards can also be compromised during a transaction, where you shop or as your Card number and payment information travel electronically through a processing system. Examples of this include:
Shop clerks taking extra imprints of your Card.
Thieves obtaining your Card Account details from discarded receipts.
A cashier swipes your Card in a handheld device known as a skimmer.
Phishing attacks.
A Compromised Card is a Credit or Charge Card at risk of being used for fraudulent activity. Cards can be compromised following the theft of a computer, an unauthorised network intrusion, or other types of suspicious activity. Cards can also be compromised during a transaction, where you shop or as your Card number and payment information travel electronically through a processing system. Examples of this include:
Shop clerks taking extra imprints of your Card.
Thieves obtaining your Card Account details from discarded receipts.
A cashier swipes your Card in a handheld device known as a skimmer.
Phishing attacks.
We take every compromise case very seriously. If you are the victim of a compromise case, we will issue you a Replacement Card. Moreover, if we come to learn of a known attack in advance, we will endeavour to notify you over one or more of our communication channels (phone, SMS, and/or by e-mail).
We take every compromise case very seriously. If you are the victim of a compromise case, we will issue you a Replacement Card. Moreover, if we come to learn of a known attack in advance, we will endeavour to notify you over one or more of our communication channels (phone, SMS, and/or by e-mail).
A Replacement Card is identical to the current Card type you hold, however, the number on your Card and other details will change to prevent any fraudulent activity. Please note that your Card Account Number and previous Account history will remain the same.
A Replacement Card is identical to the current Card type you hold, however, the number on your Card and other details will change to prevent any fraudulent activity. Please note that your Card Account Number and previous Account history will remain the same.
Activate the new card once received, this step by default will cancel the existing compromised card permanently, cut up the old compromised Card and start using the new replacement Card immediately.
Activate the new card once received, this step by default will cancel the existing compromised card permanently, cut up the old compromised Card and start using the new replacement Card immediately.
No, there is no charge for your Replacement Card.
No, there is no charge for your Replacement Card.
Compromises are serious. Fraudulent activities may occur any time if the Card is not blocked and necessary measures are not taken. While many Cardmembers do not experience fraud when a compromise is reported, the risk of exposure still exists if the Card is not blocked and replaced. To protect our Cardmembers and minimise inconvenience and losses, American Express Middle East blocks and replaces all Compromised Cards.
Compromises are serious. Fraudulent activities may occur any time if the Card is not blocked and necessary measures are not taken. While many Cardmembers do not experience fraud when a compromise is reported, the risk of exposure still exists if the Card is not blocked and replaced. To protect our Cardmembers and minimise inconvenience and losses, American Express Middle East blocks and replaces all Compromised Cards.
You should contact the merchant(s) immediately upon receipt of your Replacement Card(s) and provide them with the new Card number and expiration date.
You should contact the merchant(s) immediately upon receipt of your Replacement Card(s) and provide them with the new Card number and expiration date.
It may, but each Card Number is unique. If your Supplementary Cardmembers were also compromised, we will take the same measures with each of those Cards as we have with yours.
It may, but each Card Number is unique. If your Supplementary Cardmembers were also compromised, we will take the same measures with each of those Cards as we have with yours.
The information encoded on the Compromised Card pertains strictly to the Card, potentially including the Card number and expiration date. Confidential information such as national ID or passport number, addresses and dates of birth are not stored on the Card.
The information encoded on the Compromised Card pertains strictly to the Card, potentially including the Card number and expiration date. Confidential information such as national ID or passport number, addresses and dates of birth are not stored on the Card.
COUNTERFEIT / SKIMMED CARD FRAUD
A counterfeit, cloned, or skimmed Card is one that has been printed, embossed, or encoded without permission from a Card issuer or was validly issued and then altered or re-coded.
Most cases of counterfeit fraud involve skimming, a process where the genuine data on a Card's magnetic stripe is electronically copied onto another Card, without the Cardmember's knowledge. Skimming can occur at retail outlets (where a corrupt employee puts a Card through a device that electronically copies the data from the magnetic stripe) or at ATMs (where tampering has occurred, and a skimming device has been fitted to the ATM).
Warning Signs
A shop assistant takes your Card out of sight to process your transaction.
You are asked to swipe your Card through more than one machine.
You see a shop assistant swipe the Card through a different machine than the one you used.
You notice something suspicious about the Card slot on an ATM (e.g. an attached device).
You notice unusual or unauthorised transactions on Card Account Statements.
Safety Tips In a Store
Keep an eye on your Card while it is being processed – look out for cashiers who swipe your Card through more than one Card reader. This could be a sign that they are capturing the information on the magnetic stripe of your Card to make a counterfeit copy, a practice known as ‘skimming’.
Ask questions – If you notice that a cashier swiped your Card through more than one Card reader, ask why. There are some legitimate reasons for swiping Cards through more than one Card reader, such as, a merchant’s cash register is not connected to its point-of-sale authorisation terminal. However, it is better to ask questions if you are concerned about a merchant’s practices.
Ensure that you get your Card back immediately after every purchase – one of the easiest ways for thieves to obtain your Card information is for them to steal your Card.
Check your Card when returned to you – ensure the Card you gave to the cashier is the same one you got back and that the Card has not been altered.
Safety Tips in an ATM
Be wary of suspicious machines. While most skimming devices are nearly undetectable, some of the poorer skimmers will look conspicuous when installed improperly. If there are multiple ATMs in the area, ensure that the slots all look identical. Look for protrusions from the slots, variations in the colouring on the machine and deviations in style in signage. Beware of makeshift signs that instruct you to “swipe here first” or “use only this machine,” especially when the other ATMs appear functional.
Use only secure ATMs. Use ATMs that are located indoors, ideally inside your bank. ATMs located on the street in sparsely trafficked areas and ATMs not monitored by cameras are more prone to compromise.
Check the area for unauthorised cameras. Some cameras can be as small as a pinhole and can be affixed to brochure holders or right along the Card slot. Most banks will monitor their machines with cameras, but legitimate cameras will not have a view of the keypad.
Do not accept help from strangers. If you are having difficulty using a machine, do not allow someone else to direct you to another ATM or handle your Card. They may swipe your Card surreptitiously through a handheld device or bring you to a compromised machine.
IDENTITY THEFT
Account Take Over Fraud occurs when a criminal uses fraudulently obtained personal information to access and use Card accounts in someone else’s name.
This involves criminals gathering personal information about the intended victim. The criminal will then contact the Card issuer (pretending to be the genuine cardholder) to change the security and/or address details on the account without the genuine Cardholder's knowledge and then arrange for a replacement Card and/or PIN to be sent to a different address.
How does Identity Theft happen?
Identity theft commonly begins with the loss or theft of a wallet or purse. But there are many other ways that criminals can obtain and use your personal information to commit identity theft. The following are some examples:
Phishing
Refers to fraudulent communication designed to deceive consumers into divulging personal, financial or account information. Phishing (pronounced “Fishing”) e-mails continue to be prevalent for individuals and companies.
Spoofing well-known companies, these e-mails ask consumers to reply or click a link to a fraudulent web page which will ask for personal information, such as their credit card number, Social Security number, or account password.
What are Phishing e-mails looking for:
Password or PIN.
Card validation code.
Card number.
Passport or national ID number.
Date of birth.
Billing or residential address.
Contact numbers.
These fraudulent e-mails are often difficult to identify and often, but not always, contain attachments. However, there are some techniques you can use to protect yourself. Below are some examples:
E-mail greetings
Always be suspicious of e-mails that do not greet you by name. While not impossible, it is more difficult and costly for phishers to associate an e-mail address with the e-mail owner's name on a mass scale. Because of this, phishing e-mails most often are addressed generically like "Dear Customer" or "Dear Cardmember".
When you receive an e-mail from American Express related to your Card Account, it will never include your full Card Account number. If you receive an e-mail regarding your American Express Card Account and it contains this information, it may be fraudulent. If you are concerned about the legitimacy of an e-mail from American Express, you can forward the e-mail to fraudprotection@americanexpress.com.bh. If the e-mail is fraudulent, we will take the appropriate actions.
Sense of urgency
Phishing e-mails often try to create a false sense of urgency, intended to provoke the recipient to take immediate action; for example, phishing e-mails frequently instruct recipients to "validate" or "update" account information or face cancellation. Be very cautious of any e-mail asking you to update sensitive information, particularly if it has a generic greeting.
Urgency of messages are commonly justified with:
For security maintenance of your account.
For investigations of irregularities.
Your account has been frozen.
We need to reconfirm your details.
Your credit card has been cancelled.
Technical tips to protect yourself online
Install and upgrade the latest security updates and patches.
Equip your computer with effective virus software.
Use a personal firewall.
Use anti spyware programme.
Keep your password secure.
Always log off.
Protect your computer with password.
Disable the AutoComplete function.
Secure your wireless network.
Don’t use administrator mode.
Block/report spam E-mails.
Save the official American Express URL in favorites
Phone Phishing
Another way fraudsters try to collect sensitive information from you. In this type of fraud, the fraudster will contact you by telephone or send you a fake e-mail and ask you to respond by telephone.
If you are ever in doubt about American Express contacting you by phone, call the number on the back of your Card or Card Account Statement. Be sure to enter your Card Account number when prompted. You will connect to the correct department for assistance.
What should you do if you suspect an E-mail is a Phishing attempt?
If you receive an e-mail claiming to be from American Express that you believe to be suspicious:
Do not click on hyperlinks or open attachments.
Check our official website http://www.americanexpress.com.bh if the embedded link exists.
Forward the e-mail immediately to fraudprotection@americanexpress.com.bh
Delete the original phishing message from your inbox.
We will review the e-mail. If it is fraudulent, we will take appropriate action. Please note that you will receive an auto-response from American Express acknowledging the receipt of your e-mail.
Click here to learn what to do if you have entered sensitive information on a fraudulent website.
LOST AND STOLEN CARD FRAUD
This type of fraud occurs when a Card is physically stolen or lost and is then used by a criminal, posing as you, to obtain goods and services.
Safety Tips
Always sign your new Card(s) as soon as they arrive.
Always store your Card(s) in a secure place where you will immediately know it is missing “i.e. Home or Office safe”.
Never leave your purse or wallet in your car unattended.
Never leave your Card(s) unattended in a bag, briefcase, or jacket pocket in a public place. Keep them on your lap.
Be careful not to place your bag or briefcase under your seat in a restaurant/train.
Always store statements & receipts securely. Once not needed, destroy securely using a shredding machine.
Never leave your Card(s) or other valuables unattended in a hotel room or on the beach.
Never store your Card(s) and PIN details in the same place.
Never hand your Card to anyone.
Monitor your Card Account activity online to stay up-to-date and check for irregular activity.
Call and verify the source of SMS messages or emails you may receive from American Express asking for your Card number or details.
Report a lost or stolen Card immediately.
If you lose your Cards, your Card is stolen, or your Personal Identification Number (PIN) became available to any other person, inform American Express Middle East immediately by telephone at (+971) 4 4492222.
You may also block your Card through our AMEX Mena mobile app by clicking on “Report lost or stolen Card” or reach to us via the live chat option.
Our Customer Services unit can be reached 24/7 to deal with instances such as these.
CARD NOT PRESENT FRAUD
Card-Not-Present Fraud includes fraud conducted over the Internet, by telephone, or mail order. It is committed when criminals obtain Card details through theft. With this type of fraud, neither the Card nor the Cardmember is physically present.
Card-Not-Present Fraud has become one of the most common types of Card fraud. However, its growth comes alongside the tremendous expansion in online shopping and the increasing numbers of businesses that accept Cards remotely.
Using your Card on the Internet
Shopping on the Internet has become a multi-million dollar business. Most online sales are safe, but as online purchases have increased, so have incidents of online Card Fraud. There are, however, several steps to take to reduce the likelihood of becoming a victim of online Card Fraud.
Safety Tips
Deal only with reputable companies.
Know who you are dealing with - get the seller's phone number and postal address.
Ensure the website you access has a physical address and phone number so you can call for additional information.
Be extra careful when providing personal information over the telephone or internet.
Ensure your browser is set to the highest security notification and monitoring level. The security options are not always activated by default when you install your computer.
Click on the security icon to ensure the retailer has an encryption certificate. It should explain the type and extent of security and encryption it uses.
Ensure that the locked padlock or unbroken key symbol is shown in the bottom right of your browser window before sending your Card details. The beginning of the retailer's internet address will change from 'http' to 'https' when a purchase is made using a secure connection.
Be sure to deal with companies that post their privacy policy on their websites and read the privacy policy.
Check your Card Statement as soon as you receive it. Look for any transactions you do not recognise and report them immediately to American Express.
When using your Card for telephone purchases/orders:
Never give your Card number to someone calling you on the phone, even if the caller says it is to claim a prize or award.
Have the Card in front of you. The retailer will ask you for information including, the Card number, expiry date, the four-digit Card Security Code, and your name as it appears on your Card.
Always ask the retailer to confirm the full price being charged to your Card, including any booking fees and shipping and handling charges. Make a note of this at the time.
If the retailer sends you written confirmation of the order, check the bill to ensure it is correct. Keep any such receipts and check them off against your next statement.
MAIL NON-RECEIPT CARD FRAUD
This type of fraud involves a Card stolen in transit once it has been mailed out. At particular risk for this type of fraud are properties with communal letterboxes, such as flats and student halls of residence.
Safety Tips
Check your Card Account Statements as soon as they arrive and be aware of the expiry date of your Card(s) so you know when a new Card is due to arrive.
Notify your Card Company of any change of address immediately.
Keep track of your billing cycle – if your Card Account Statement doesn’t arrive when expected, please contact American Express.
Arrange for mail suspension when you go on holiday or arrange for someone you trust to take care of it.