Security Tips

Protect your personal information

Security Awareness – Phishing Scam

Phishing is the fraudulent practice of sending emails seeming to be from reputable companies to induce individuals to reveal personal information such as User ID, Passwords and PIN codes (M-PIN or T-PIN).

Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter sensitive information at an imposters website whose look and feel are almost identical to the legitimate one. Often times, a phishing attack alerts you to a problem with your account and urges you to respond immediately by clicking a web link and “verifying” or “updating” your account information.


  • Faysal Bank never asks customer to respond to any email or click on a link for updating personal information.
  • Faysal Bank never asks you to reply in an email with any personal information such as user names or user ID, passwords or m-PIN and T-PIN.
  • Faysal Bank never claims your account may be closed if you fail to confirm, verify or authenticate your personal information via email
  • Faysal Bank never claims the need to confirm important information via email due to system upgrades.
  • Faysal Bank never asks for any personal information such as user names or user ID, passwords or m-PIN and T-PIN.
  • Whenever you access Faysal Bank’s Mobit – Mobile Banking website always verify for

How to Recognize Scams

Scam tactics are increasingly sophisticated and change rapidly. Even if a request looks genuine, be skeptical and look for these warning flags:

  • The message is unsolicited and asks you to update, confirm or reveal personal identity information (e.g., full CNIC number, account numbers, Date of birth, login ID, passwords).
  • The message creates a sense of urgency.
  • The (malicious) web site URL doesn’t match the name of the institution that it allegedly represents.
  • The web site doesn’t have an “s” after “http//:” indicating it is not a secure site.
  • The link in the pop-up doesn’t match the printed text.

Ways to authenticate Mobit – Mobile Banking Website

Ensure phishing filter are enabled on internet browsing properties and authenticate web address bar as mention below:

  • Whenever you access Faysal Bank’s Mobit – Mobile Banking website, you must always look for a closed padlock in the status bar at the bottom of your browser window and for “https:” rather than “http:” E.g.:

Look for Green font / background in address bar, this confirms its legitimate site.

Google Chrome

Internet Explorer


How to Enable Filters

Google Chrome

  • Please open Google Chrome browser.
  • Click on 3-bar icon located on top right corner of the browser
  • Select Settings from the drop-down list
  • Scroll down the page and Click on Show advanced settings from the below part
  • Mark the “Enable phishing and malware protection under Privacy settings”
  • Restart Google Chrome.

Internet Explorer

  • Please open Internet Explorer
  • Select Tools from Top menu (or Safety menu in case IE 8)
  • Select Smart Screen Filter from the drop-down list
  • Click on Turn on Smart Screen Filter.
  • Restart Internet Explorer.


  • Please open Firefox
  • Select File → Option → Security Tab
  • Enable check “Block reported attacked sites” and “Block reported web forgeries”.
  • Restart Firefox.

Do’s and Don’ts

  • Do use caution when providing personal information online. Never disclose User ID (mobile number), M-PIN, T-PIN that you used to register mobile banking to anyone/and or any platform that even includes your close relatives.
  • Do keep your Internet browser and operating system up-to-date with the latest security patches and updates.
  • Do verify the legitimacy of e-mails by calling Faysal Bank at 111 06 06 06 or 111 11 71 71.
  • Do adjust your spam filters to ward off unwanted spam. Read everything you ever wanted to know about Spam and learn how spam filtering can help reduce the amount of unwanted email in your inbox, as well as help protect you from malicious attacks.
  • Do review common best practices for avoiding e-mail scams and social engineering attacks.
  • Do ensure to run anti-virus on your computer and verify definitions are up to date
  • Do close all browsers while accessing Mobile Banking site and stay conscious throughout the open session.
  • Don’t follow unsolicited links or attachments in e-mails. Even though you may recognize the name of the sender, scam artists sometimes use these tactics to get personal information from you. Never give out your login ID, password, or CNIC number in response to an unsolicited request.
  • Don’t use public hotspot or any other public facility to access Mobile Banking portal.
  • Don’t use anonymous proxies to login Mobile Banking portal.

To Report Phishing or Spam

If you are ever unsure whether an email message is legitimate, DO NOT RESPOND to it! To report phishing emails that appear to be from the Faysal Bank, call our help line at 111 06 06 06/ 111 11 71 71 or email at [email protected] to report and further action.