Middle East digital banking users show rising fraud vigilance, study shows

By Puja Sharma

Gulf Bank releases findings of financial awareness survey conducted as part of the “Diraya” campaign

Survey reveals strong progress in customer vigilance while identifying critical gaps in password management, OTP security, and fraud reporting awareness

“These results tell us that when you speak consistently, clearly, and through the right channels, people listen and they act. We are genuinely encouraged to see our community not only receiving the message but embracing it and passing it on.” Najla Aleisa, Chief Marketing Officer, Gulf Bank

Gulf Bank has announced the findings of a comprehensive financial awareness survey conducted among its customers as part of the nationwide “Diraya” (Let’s Be Aware) campaign led by the Central Bank of Kuwait. The aim was to measure customer awareness of financial risks and digital fraud, while guiding the future direction of the bank’s awareness initiatives.

On this occasion, Najla Aleisa, Chief Marketing Officer, Gulf Bank, said: “Continuous communication is at the heart of everything we do through ‘Diraya.’ These results show that when awareness messages are delivered consistently, clearly, and through the right channels, people respond positively.”

The “Diraya” campaign reflects Gulf Bank’s commitment to strengthening financial literacy and digital security in Kuwait. As fraudsters increasingly use AI to create convincing scams, deepfake communications, and automated attacks, customer awareness has become more important than ever. With digital banking now part of everyday life, Gulf Bank considers informed customers a key line of defense against financial crime. The study provides measurable insight into customer behavior and identifies areas requiring stronger awareness efforts.

The survey examined customer behavior across several areas of digital financial safety, including phishing attempts, public Wi-Fi usage, OTP security, password management, fraud reporting awareness, and sources of financial information.

1. Progress in Recognising and Ignoring Suspicious Communications

One of the most encouraging findings was that 82% of respondents reported ignoring suspicious messages and links. This reflects a positive behavioral shift and demonstrates the impact of Gulf Bank’s awareness campaigns in helping customers recognise phishing attempts and fraudulent communications.

Phishing remains one of the most widespread forms of digital fraud globally, making this level of customer vigilance an important achievement.

2. Safer Behavior on Public Networks

The study found that 72% of participants avoid using public Wi-Fi networks for banking transactions. This indicates increasing awareness of the risks associated with unsecured networks and the importance of protecting personal financial data.

The result also suggests that awareness messaging around secure digital banking practices has been effective.

3. OTP Sharing: A Persistent and Serious Risk

Despite the positive findings, the study highlighted several concerns requiring immediate attention. Most notably, 16% of respondents admitted sharing their one-time password (OTP) with another person.

Although the percentage may appear limited, OTP sharing presents a serious security threat because OTPs are designed as a final verification layer intended only for the account holder. Sharing them can lead to unauthorised account access and financial fraud. The findings underline the need for stronger and more frequent awareness messaging on OTP security.

4. Password Hygiene: A Significant Gap

The study also revealed that 52% of respondents do not regularly update their passwords or PINs. Maintaining static credentials significantly increases vulnerability to unauthorised access, especially following data breaches or credential theft.

The findings emphasise the need for focused campaigns encouraging customers to adopt stronger password habits and regularly update their login information.

5. Fraud Reporting Awareness: Room for Improvement

Another important finding showed that 50% of participants were unaware of the correct channel for reporting suspected fraud. This gap may delay fraud reporting and reduce the bank’s ability to respond quickly to emerging threats.

In response, Gulf Bank has increased the visibility of fraud reporting information across “Diraya” campaign materials, including SMS messages, in-app notifications, and ATM screens.

6. Social Media as the Dominant Awareness Channel

When asked where they receive financial awareness information, 54% of respondents identified social media as their primary source, ahead of traditional media, SMS, and in-branch communication.

This confirms the importance of Gulf Bank’s social media platforms as a key channel for delivering awareness content. The bank plans to continue investing in engaging and reliable digital communication to maximise customer reach.

Gulf Bank’s Response and Next Steps

Gulf Bank confirmed that the findings will shape the next phase of the “Diraya” campaign. Rather than applying a broad approach, the bank will focus on the highest-risk behaviors identified in the study, particularly OTP security, password management, and fraud reporting awareness.

The bank will develop targeted awareness content tailored to different customer segments and distributed mainly through social media, while also maintaining visibility across SMS, mobile applications, ATM screens, and Contact Center interactions.

Gulf Bank also emphasised its commitment to continuous evaluation and improvement. Future studies will measure progress against the current findings to ensure awareness efforts remain effective and evidence-based.

The Evolving Threat Landscape: AI-Powered Fraud

The importance of the “Diraya” campaign is reinforced by the rapidly evolving fraud landscape. Cybercriminals increasingly use artificial intelligence to launch sophisticated and difficult-to-detect attacks.

AI-generated phishing messages now closely resemble legitimate communications, while deepfake voice technology allows fraudsters to impersonate trusted individuals such as bank employees or government officials. Automated systems can also test stolen credentials rapidly, exploiting weak or unchanged passwords within seconds.

These developments make risky behaviors such as OTP sharing, weak passwords, and using unsecured public networks even more dangerous. Gulf Bank recognises that awareness campaigns must continue evolving to keep pace with emerging threats and increasingly sophisticated fraud tactics.

Key Findings

• A positive shift in awareness is visible, with 82% of customers now disregarding suspicious messages and links.
• Growing cybersecurity awareness is reflected in the fact that 72% of users avoid conducting banking transactions over public Wi-Fi networks.
• Despite rising awareness, 16% of respondents admitted to sharing their one-time password (OTP) with third parties.
• Password hygiene remains a concern, as 52% of users do not regularly update their passwords or PINs.
• Fraud reporting awareness continues to lag, with 50% of respondents unaware of the correct channel for reporting fraudulent activity.
• Social platforms are emerging as key information channels, with 54% of users relying on social media for financial awareness content.