Related pages
Most visited pages
  • Multinationals in Iran
  • Banking Commitments
  • Banking for SMEs
  • Online Banking
  • Financial Statements

Fraud Prevention

Internet banking is a good way to do your banking transactions faster and more conveniently without need to visit a branch or spending a lot of time. The Middle East Bank receives a major portion of the customers’ requests and applications via electronic channels and offers a sizable percentage of its services through that channel. Currently, MEB offers deposit, card, facility and check services through this channel.

Here come some security tips for the customers.

Security tips for the services which need physical presence

Make sure the banking operation is finished

Do not leave the place unless you are certain that the processing and banking operations have finished and if there is a transaction failure, keep the receipt with you until you are sure that no money has been withdrawn from your account.

Keep the receipt

Do not discard the ATM or POS terminal receipts at the place.

Security precautions when entering the PIN

To protect your confidential information, when using your card in public places and entering the login password into the ATM or POS terminal, use your other hand as a protective shield. This is not against social norms and secures banking operations of people.

Do not disclose the card PIN to the salesperson

If a shop provides facilities to pay by a bank card, do not reveal your card password to the shopkeeper and enter the password yourself. The shopkeepers are required to cooperate with the customer and failing to do so, the customers have the right to make a complaint.

Keep safe distance when using an ATM

When using an ATM, be careful about your distance from others. This behavior shows respecting citizenship right and enhances using ATMs safely.

ATM conditions

If there seems to be anything unusual about the card-reading slot or cash dispenser slot (overlay/sticky tape, additional objects), report to the clerk in the branch during working hours and the clerks who are on 24-hour watch after working hours and use another cash machine.

Check the cash withdrawn

It is advisable to count the cash withdrawn from an ATM, later at a safe and proper place.

Make sure the ATM is genuine and not fake

When using ATMs or POS terminals, connected to Shaparak , make sure the machine is real, as far as possible, and then use it.

Security tips for the services which do not need physical presence

Some internet abuses to obtain confidential banking information, such as phishing, are carried out by fraudsters in a variety of ways, including making counterfeited websites which resemble the real one or sending text messages and emails, to steal secret information and abuse it. In order to prevent becoming a subject of internet abuse and forgery, it is recommended to observe the following pieces of advice.

  • Visit the genuine MEB website directly at www.middleeastbank.ir and click on “Internet Bank” button,
  • Do not respond, nor open, unknown emails,
  • Do not answer the emails soliciting your personal or financial information,
  • Do not fill in the forms nor click on hyperlinks in such emails,
  • Do not send your login PIN via email,
  • Refrain from visiting unknown websites and do not click on such links,
  • If you receive any suspicious emails, please forward it to:

security-info[At]middleeastbank.ir. The MEB security staff does investigate such emails and takes necessary preventive measures to stop similar attacks.

Make sure the website/gateway is real

Never write down your financial or banking information, such as account number, card number, PIN, card verification value (CVV2) and card’s expiry date on unknown and suspicious websites, social media, computer or mobile phone and verify credibility of the websites before visiting them. It is possible to view and check the address of the bank’s authentic websites/gateways on the CBI official website at:www.cbi.ir .Verify trustworthiness of the online shopping sites. Many abuses/ frauds are carried out through malicious websites, bank’s fake logos and advertising banners which bear fake security content and solicit the confidential information of the card. No website, except the banks’ authentic websites, is authorized to get access to confidential information of the cards.

Close the browser window if an error occurs

If there is any problem in the process of internet payment, showing an error message on the browser screen, close out the browser’s window and conduct payment operations again from the start. This way, there will be no possibility to return to previous page through “back icon”.

No key logger

Make sure there is no hardware/software key logger installed on the computer through which you enter your banking account information.

Avoid giving information via internet or text message

Never respond to cold emails/text messages, seemingly from the bank, asking the particulars and details of your card. Many email service providers have an option to report suspicious emails (For example, if you receive a suspicious email, it is recommended to block and report it by clicking “Report Spam” icon).

Do not install mobile banking applications received through email

Do not install the mobile banking software, linking to bank cards, received via email. If necessary refer to the main website/gateway of the bank.

Do not use publicly used internet (Wi-Fi) or computers

It is strongly advised not to log on to your internet banking account when you are at a public place like coffee nets, internet cafes, universities or other unsafe places. It is likely that the computers in such places are tampered with certain software or hardware to steal your username and password. In case you conduct your internet banking operations using publicly used Wi-Fi or hotspots or coffee nets, you must change your internet login password.

Be careful with using wireless connections

Using wireless internet access increases the wireless sniffing risk. Connect to wireless internet only when you are certain about the safety of your internet connection.

Use one-time-password

Use one- time password or token to connect to the banks’ internet gateway.

Do not activate “Auto save” option on your mobile phone

When using mobile banking and payment services, the mobile phone setting, or any other portable device, should be on a mode which requires the user to enter in the login password whenever the device is turned on and the user must strongly avoid setting the device on the mode which automatically connects to the banking account. If the mobile phone, used for mobile banking and payment services, is lost or stolen, inform the bank and the mobile phone service provider right away.

Login Password
  • Change your internet banking login password in three- month intervals,
  • Make sure to have your internet banking password at least eight characters long with a combination of lower case and upper-case letters, numbers and special symbols such as “@, %, ….”,
  • Do not use login passwords which are easy to guess, e.g. year of birth, birth certificate number, etc.
  • Do not write down your internet banking login password where it might expose your accounts to be misapplied in future. In addition, do not choose similar passwords for your cards or banking system logins.
  • When logging into your internet banking, make sure other people cannot see your password,
  • Do not share your internet banking password with another person(s).
Use updated antivirus software

If you use a personal computer (desktop, laptop, mini laptop, tablet) with Windows operating system, you need to install an antivirus, or preferably an internet security pack, on it. If you use smart phones or tablets with operating systems other than windows (such as Android or iOS) operating system, it would be better to first install a reliable antivirus and then log into your internet banking account. Make sure the personal computer you use to log into your internet banking account is not infected by malware.

Make sure to use updated browser

To enter internet banking, make certain the browser is updated and trustworthy. Make sure you are using browsers which link you through URL to payment gateways (e.g. Firefox, Chrome) (operating system, browser and other software installed on your computer and personal devices)

Avoid filter breaker software (such as VPN)

Never use filter breakers, such as VPN software or Proxy filter breaker programs to log into internet banking.

Check the internet address

Make certain to check the internet address (internet banking URL) of the destination bank and ensure the webpage starts with “https” and has the same combination and order of letters which appears on the other web pages of the destination bank. To enter the bank’s gateway, always type the address directly into the address bar and avoid clicking on hyperlinks sent to you via email, pretending to be the bank’s webpage. In addition, avoid the links sent to you, seemingly from the bank, via email. This is a malicious trick by the fraudsters to direct you to a webpage which looks exactly like the real one, so when you assume to be connected to the genuine website, you are providing the thieves with your login password, enabling them to withdraw money from your account.

Use virtual keypad

Make sure you use the virtual keypad on the destination bank’s web page or windows virtual key board when typing in your login password.

Activate your SMS banking

Make sure to activate the “SMS notification” the same time you activate your “internet banking” service for your account. This way you are notified whenever you log onto your internet banking.

Log out the internet banking when you are finished

After logging out of the “internet banking” on the destination bank’s webpage, make sure to click on the “exit from internet banking” and then close out the internet browser.

Always Keep track of your account

Check your banking account at least once a weak and ensure the transactions carried out over the weak are accurate.

Mobile banking security issues

Since the fake versions of mobile banking applications of some banks are available in some app markets, such as Google play, and the users are encouraged by fraudsters to update or install their applications from such stores, you should never use Google store or other similar markets to install banking applications and only download and install such apps from secure sources such as the bank’s websites.

Hence, the only safe source to download mobile banking applications is the official website of the bank and you should by no means download and install banking applications from the links received through messages or emails.

Other security issues

The Middle East Bank never asks your confidential information such as national code, your banking account information, etc., through text message or email, so if you encounter such solicitations, notify the Bank’s security division.

To get the latest information on the security threats, please visit the cyber police (fata) at: www.cyberpolice.ir.

Make certain your contact information on the internet banking system is accurate and update any changes thereto.