Skip to main content

Is nbkwealth.com a Scam? Security Check Results - NBK Wealth Reviews

nbkwealth.com favicon

Is nbkwealth.com Safe? Security Analysis for NBK Wealth

https://nbkwealth.com

Check if nbkwealth.com is a scam or legitimate. Free security scan and reviews.

FinanceKuwaitlarge
jQueryGoogle reCAPTCHAGoogle Tag ManagerAzure Media PlayerModel Viewer (3D models)
Analyzed 10/3/2025Completed 7:40:32 PM
74
Security Score
MEDIUM RISK

AI Summary

NBK Wealth is a prominent wealth management group operating primarily in the Middle East, affiliated with the NBK Group, a major financial institution. The company offers a broad range of services including private banking, wealth management, asset management, and investment advisory through a global network of offices. Their target clientele includes ultra-high-net-worth individuals and institutions seeking comprehensive financial solutions. The website reflects a mature digital presence with modern technologies such as 3D model viewers and integration of Google services for analytics and security. Technically, the website is built on Concrete CMS and employs standard security measures including HTTPS and Google reCAPTCHA. The site is mobile-optimized and provides a professional user experience with clear navigation and detailed service descriptions. However, there is a notable absence of privacy and cookie policies, which impacts compliance and user trust. The WHOIS data is missing or not publicly available, which is unusual for a financial institution and warrants further verification. From a security perspective, the site uses HTTPS and some security best practices but lacks explicit security headers and published incident response or vulnerability disclosure information. No critical vulnerabilities were detected in the content analyzed. Overall, the site appears trustworthy and professional but could improve transparency and compliance documentation. Strategically, NBK Wealth should focus on enhancing privacy compliance, publishing security policies, and clarifying domain registration details to strengthen trust and regulatory adherence.

Detected Technologies

jQueryGoogle reCAPTCHAGoogle Tag ManagerAzure Media PlayerModel Viewer (3D models)

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

NBK Wealth holds a strong market position as one of the largest wealth management groups in the Middle East, leveraging the reputation and infrastructure of the NBK Group. Their business model centers on providing tailored financial services to high-net-worth individuals and institutional clients, with offerings spanning private banking, asset management, and trading solutions. The company operates across multiple countries with offices in Kuwait, Saudi Arabia, UAE, Switzerland, UK, and Ireland, indicating a broad geographic footprint. Their partnership ecosystem includes various NBK brokerage platforms and regional wealth management services, enhancing their service delivery capabilities. The website content and structure suggest a focus on client-centric solutions and legacy building, which aligns with their target market's expectations. Growth indicators include a sizable employee base and multiple specialized teams. The absence of detailed financial data or founding year limits deeper revenue or growth analysis.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (4)

i*****@nbk.ksa
i*****@nbk.sw
i*****@nbki.com
I*****@nbkwealth.com

Physical Addresses (5)

NBK Wealth P.O. Box 4950 Safat 13050, Kuwait 35th Floor, NBK Tower Block 7, Plot 6, Sharq Area, Jaber Al-Mubarak & AlShuhada Street.7220 King Fahad Rd. - Al Muhammadiyah Dist. Unit No. 15 Riyadh 12363 - 4590 Kingdom of Saudi ArabiaRue de la Corraterie 5 - P.O. Box 3271 - 1211 Geneva - Switzerland13 George Street, London, W1U 3QJGate District Precinct Building 4 Floor 7, Office Unit 3, PO Box 506506, Dubai, United Arab Emirates

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a moderate to good security posture with HTTPS enforced and use of Google reCAPTCHA to protect forms from automated abuse. However, the lack of explicit security headers such as Content-Security-Policy, X-Frame-Options, and X-Content-Type-Options reduces the overall security hardening. No exposed sensitive data or vulnerable libraries were detected in the HTML content. The absence of published security policies, incident response contacts, or vulnerability disclosure programs indicates a gap in transparency and readiness for security incidents. GDPR compliance indicators are weak due to missing privacy and cookie policies. Overall, the security maturity is adequate for a financial services website but could be improved by adopting comprehensive security headers, publishing security documentation, and enhancing privacy compliance.

Strategic Recommendations

Priority Actions for Security Improvement

1

Publish a comprehensive privacy policy and cookie policy with clear GDPR compliance statements.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

NBK Wealth

Description:

NBK Wealth is a world-class wealth management group and one of the largest in the region, part of the NBK Group - one of the Middle East's largest financial institutions. They offer comprehensive solutions to protect and grow clients' wealth and build legacies for clients and future generations.

Key Services:
Private BankingWealth ManagementWealth PlanningBanking ServicesAsset ManagementInvestment ManagementAlternative InvestmentsTraditional InvestmentsTrading Solutions
Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:
jQueryGoogle reCAPTCHAGoogle Tag ManagerAzure Media PlayerModel Viewer (3D models)
Frameworks:
Concrete CMS
Performance:

moderate

Mobile:

excellent

Accessibility:

good

SEO:

good

Security Assessment

Security Score:
85/100
Best Practices:
  • HTTPS enforced
  • Use of Google reCAPTCHA for forms
  • No exposed sensitive data found in HTML

Analytics & Tracking

Services:
Google Analytics (via Google Tag Manager)
Tracking Level:moderate
Privacy Compliance:poor

Advertising & Marketing

Transparency Level:basic

Website Quality Assessment

Design Quality:excellent
User Experience:excellent
Content Relevance:excellent
Navigation Clarity:excellent
Professionalism:excellent
Trustworthiness:high

Key Observations

1

Website is fully accessible with rich content and professional design.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

80/100
Score

Weak X-Frame-Options configuration

LOW

Current value: "sameorigin, SAMEORIGIN"

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

53/100
Score

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

No Data Protection Officer mentioned

LOW

Large organizations may need to designate a DPO under GDPR

Privacy policy may not be GDPR compliant

MEDIUM

Privacy policy lacks explicit GDPR compliance elements

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

17/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

85/100
Score

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 a:mail.nbkcapital.com ip4:178.249.176.161 include:spf.protection.outlook.com a:dispatch-eu.ppe-hosted.com include:spf-uk.emailsignatures365.com ~all
DKIM Selectors Found
Selector:selector2(1416-bit rsa)
DMARC Details
Policy:reject
Aggregate Reports:rua@dmarc360.com

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

95/100
Score

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 35 days

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:www.nbkwealth.com
Issuer:GeoTrust Global TLS RSA4096 SHA256 2022 CA1
Valid Until:11/7/2025 (35 days)
SANs:www.nbkwealth.com

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

85/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

DNS Records

A Records:20.55.103.191
Name Servers:
ns1.nbkcapital.comDNS only
ns2.nbkcapital.comDNS only
MX Records:
10: mx2-eu1.ppe-hosted.com
10: mx1-eu1.ppe-hosted.com

DNSSEC Status

DNSSEC Not Enabled

SPF Analysis

SPF Record:
v=spf1 a:mail.nbkcapital.com ip4:178.249.176.161 include:spf.protection.outlook.com a:dispatch-eu.ppe-hosted.com include:spf-uk.emailsignatures365.com ~all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on Concrete CMS, leveraging modern web technologies including jQuery, Google Tag Manager, Google reCAPTCHA, Azure Media Player, and 3D model viewers for an engaging user experience. The site is mobile-optimized with responsive design and good accessibility features. Performance is moderate with asynchronous loading of scripts and optimized media usage. SEO is supported by proper meta tags including Open Graph and Twitter cards. However, there is room for improvement in security header implementation and privacy compliance mechanisms. The hosting provider is not explicitly identified from the content. Overall, the technical infrastructure supports a professional and scalable digital presence suitable for a large financial institution.
Analyze Another Website