From encryption to oversight, we apply layered security protocols and constant monitoring to meet and exceed regulatory standards.
Login
We use multi-factor authentication (MFA) to verify your identity. This added layer of protection ensures that only you can access your account, even if your password is compromised.
Encryption
Your personal and financial information is protected with end-to-end encryption, ensuring that your data remains private and unreadable to unauthorized parties during transmission and storage.
Monitoring
Our systems constantly monitor for unusual and dubious behavior or unauthorized access attempts. Any suspicious activity is flagged immediately for investigation and response.
Security is a shared responsibility. Here are some easy steps you can take to protect your ICAP account from fraud or misuse.
- Use a mix of upper- and lower-case letters
- Add numbers and symbols (e.g., Dews2s3!)
- Use unique phrases or abbreviations (e.g., Ali Nasser → AiNs24)
- Personal info (name, birthdate, etc.)
- Common passwords or dictionary words
- Patterns (1234, qwer) or repeats (11qq)
- Never share your password
- Don’t write it down anywhere
- Update it on regular basis
At Alistithmar Capital, securing your trading experience is a top priority. These key tips are designed to help you trade safely and confidently by following best practices in online security. From protecting your credentials to ensuring safe access, each principle is here to support secure investing.
Do not leave your device unattended while you are logged in to Alistithmar Capital applications and ensure you have most updated Operating system, Antivirus software on your device.
Never share your username or password, not even with ICAP staff. ICAP will never request them at any time or for any reason.
Choose complex passwords, update them regularly, and never reuse them across different accounts or platforms.
Never save login details or personal information on your mobile device. If it’s lost or stolen, your accounts may be exposed to unauthorized access.
Always log in via https://online.icap.com.sa and confirm the 🔒 lock icon in your browser to ensure a secure, encrypted connection.
Do not access your trading account from public computers or unsecured Wi-Fi networks to prevent unauthorized access.
Only download ICAP mobile or desktop apps via links on ICAP’s official website to ensure authenticity and security.
ICAP will never ask you to update your login or personal information via links in an email. Ignore and delete any such messages.
Review SMS notifications promptly and report any suspicious activity immediately through ICAP’s official contact channels.
If you notice any unusual activity on your ICAP trading account or believe you’ve been targeted by a scam, contact our security team immediately to help protect your account and limit potential harm.
Want to report a suspicious activity?
Scammers keep coming up with new tricks. Learn how to spot the most common scams and what to do when you see it.
Phishing is a type of cyber attack where attackers impersonate legitimate institutions or individuals in order to trick people into sharing sensitive information such as passwords, credit card numbers, or login credentials.
An attacker can deceive the target by sending an e-mail message claiming to be from a company or a person who is previously well-known to the recipient of the message (Target)
Be cautious of emails asking for personal or financial details, even if they appear to come from someone you know. Avoid clicking on links unless you're sure the sender is trusted and the message is expected.
Spam involves sending similar or identical emails or SMS messages to multiple recipients. These messages often contain links that appear to be legitimate but can lead to phishing websites or malware downloads.
You might receive an email appearing to be from a trusted company, asking you to click a link to update your details. This link could lead to a fraudulent site or download harmful software.
Avoid opening emails or clicking links from unfamiliar senders. Keep your email private, enable spam filters, and delete suspicious messages. Never reply to or click links in suspected spam emails.
Typo-squatting (or cyber-squatting) involves fraudulent websites designed to closely resemble legitimate sites by exploiting common typing errors.
Instead of visiting www.icap.com.sa, scammers might set up a lookalike site at www.icap-com.sa, hoping to catch users who make simple spelling mistakes.
Always type the URL directly into your browser’s address bar and carefully check it before entering your E-Trading details. Double-check the spelling to ensure you’re on the official ICAP site.
A key-logger is malicious software that records every keystroke you make, including instant messages, emails, and personal information. The log file is then sent to an attacker, who can misuse this data.
A key-logger can capture everything you type, from email addresses to website URLs, compromising your personal and financial security.
Keep your system and software up-to-date with the latest security patches and use a reliable antivirus solution. Avoid using public or shared computers for sensitive activities, as they may already be infected with key-loggers.
Malware is malicious code like viruses, worms, and Trojans designed to harm your computer. It can steal data, disrupt operations, or lock your files for ransom.
Trojans hide in harmless-looking programs to steal data. Viruses self-replicate and spread. Ransomware encrypts your data, demanding payment for its release. Spyware secretly gathers your info.
Be wary of email attachments / links, suspicious websites, and pop-ups. Scan external media. Use trusted software only. Keep your OS and software updated, and use antivirus solution.
