Bank with Ease

Security Alerts

What is Phishing?

When a bogus organisation goes 'Phishing' (pronounced 'fishing'), it is attempting to illegally obtain sensitive personal information from you, e.g. your user ID, password, bank account numbers, credit card numbers etc. They will then use the information you have provided to access your account for illegal purposes, e.g. commit credit card fraud with the credit card numbers that you have mistakenly provided to the 'phishing' individual or organisation.

How is Phishing usually done?

Common techniques used by phishing fraudsters include, but are not limited to, the following:
  • Using false email addresses, logos, and graphics to mislead you into accepting the validity of the emails and web sites;
  • Faking domain names to appear as if they represent us;
  • Duping you into providing personal details through one or more methods, such as hyperlinks to fake websites or embedded forms in emails.
For example, you may receive an email that claims to be from DBS that asks you to click on a link to a website within the email to update certain sensitive information for certain reasons. When you click on the link, you will be directed to a particular web site that may look exactly like ours where you will be asked to enter sensitive information. Emails like these may look quite sophisticated and even carry our logos. However, do not trust them.

As a matter of security, DBS Bank will never send you an email asking you to update your personal information.

How come the Bogus Web Site can look EXACTLY like a bank’s Internet Banking site?

It is relatively simple to make a Web site look exactly like a legitimate organisation's site by merely duplicating what is available from the Internet.

How can I prevent myself from being 'phished'?

Do not follow any link(s) within a suspicious email to the DBS iBanking site. Because it is our policy never to ask customers by email to update their personal account information, any email that requests your information in this manner is definitely bogus.

Below are some other steps that you can take to prevent yourself from being a victim of a 'phishing' scam:

  • Always enter the full URL of DBS Hong Kong website (www.dbs.com.hk) into your browser address bar to access DBS iBanking.
  • Never reveal your Password to anyone. No staff of DBS Bank should ever ask you for your Password under any circumstances.
  • If you get an email that warns you that a DBS account of yours will be shut down unless you reconfirm your personal information, do not reply or click on the link in the email.
  • Never click on a link in an email that prompts you to log on with your DBS iBanking Username and Password. Always type in the actual URL of the DBS iBanking website into your browser.
  • Avoid emailing personal and financial information. Before submitting financial information through a Website, look for the "lock" icon on the browser's status bar. It signals that your information is secure during transmission. DBS will never solicit personal and financial information from you via a form or forms in an email.
  • Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorised charges. If your credit card and/or bank statements are late by more than a couple of days, please call our Credit Card Service Centre. You can also call to confirm your billing address and account balances.

Should I report a bogus Phishing site or suspicious email?

If you suspect that you are being phished, please feel free to contact us at our Customer Service Centre to notify us. Your report will help us identify phishing websites and take immediate action to suspend their operation. In addition, this information will help us publish and maintain a list of these fraudulent sites so that other DBS customers will be warned.

 

You can prevent this from happening to yourself.

Please be aware that fraudulent e-mails are being circulated to con internet banking users into revealing sensitive account information. This has affected a number of banks around the world.

How it works

Such e-mails trick the recipient into thinking that they are responding to a genuine request because they are usually very convincing looking and are phrased to give the appearance that they were sent by the recipient's banker.

These e-mails usually tell the recipients that they are required to "update" or "validate" certain information via a hyperlink provided in the e-mail. Unknowingly, they are directed to a web site that looks like the bank's, but is actually controlled by the fraudsters. Sensitive account information such as credit card information, User IDs and PINs entered on these sites is therefore revealed to the fraudsters. This is often referred to as "phishing".

For more information, just use any search engine and search for "phishing" or "e-mail bank scams".

Preventive Measures You SHOULD Take

  • NEVER reveal your PIN to anyone. Be suspicious of any e-mail asking you to provide sensitive account information. DBS will NEVER send such e-mails.
  • If you receive such e-mails, please verify with the sender stated but use a contact number that is known to be genuine. Do not reply or click on the links in the e-mail.
  • Disregard and delete spam, chain and junk e-mails.
  • Do not access DBS website by hyperlinks embedded in e-mails or search engines.
  • Always type www.dbs.com/hk into your browser address bar or use favourites/bookmarks to access our site.
  • Avoid accessing DBS iBanking, or any other Internet service that requires you to enter passwords, through public/shared computers (such as those in Internet cafes, public libraries and other public sites) or through devices which cannot be trusted. This avoids the risk of your information being collected, copied and then abused after you leave.
  • Act quickly and contact the DBS Bank on 2290 8888, then press 6 (iBanking) or 2290 8038 (ec-business/IDEAL services) if you suspect you have been tricked or if you have enquiries.

We strongly advise you to exercise caution when using any third party software, which claims to speed up your internet connections.

Such software or services may redirect your internet session through their own server, which give them the ability to store and analyse your internet activities. This may include activities conducted during your secure sessions with DBS or any other secure internet service and even information such as your usernames, passwords, credit card numbers, bank and purchase transactions.

What you can do to protect yourself

  • Do NOT visit the DBS website while any software that monitors or redirects your internet session is present on your computer.
  • If you install any software that claims to speed up your internet connection, or have additional third party toolbars on your browsers, you may be using software that has the ability to track your internet sessions. We recommend that you uninstall such software.
  • You can usually safely uninstall such software by going to your Control Panel, selecting Add/Remove Programs, then finding the named application and selecting Remove.
  • Educate yourself on "Spyware". Be alert to any Spyware-like activities on your computer. Be suspicious if you get lots of pop-up banners or unsolicited e-mails that appear to "know you too well".
  • Securely configure your computer, and install and run anti-virus software, anti-spyware software and personal firewall software from a reputable software company to protect your computer from viruses and malicious programs. You should also install the latest software and apply the latest security patches on a regular basis.
  • Do not use public/shared computers or devices which cannot be trusted to get access to DBS iBanking as it is difficult to ensure such PCs are free from hacker programs, or any software that monitors or redirects your internet session.

What we are doing to protect your interests

  • We will actively block traffic to dbs.com that has passed through redirector/Spyware services.
  • If you have, at any time, been denied access to our website, you may be either intentionally or inadvertently running redirector/Spyware software on your computer. In such cases, we urge you to uninstall such software.

Malware Alert

Date: 02 Apr 2015
Threat Type: Malware (Dyre)
Alert Level: Amber
Criticality: Low

Description: We have discovered variants of Dyre malware that may affect users of the DBS Internet Banking website. This malware is spread through phishing emails with a malicious attachment. When the said malicious attachment is opened, the malware infects the customers’ computers or devices.

Once customers’ computers or devices are infected, the malware will attempt to steal the customers’ login and authorisation credentials such as (User ID, PIN, DBS iB Secure PIN, SMS OTP and so on) by altering the flow of the DBS Internet Banking website. It will show a “Please Wait…” message and ask for the customer’s user ID, PIN and iB Secure PIN repeatedly.

If you see any of the above changes while banking online with us, your computer or device may likely be infected with this malware. You are advised not to proceed with any transactions until your computer or device has been checked and disinfected. Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

Who might be at risk?
Customers' iBanking accounts

How can you protect yourself from this?
Customers are reminded to remain cautious when banking online:

  1. Do not enter any challenge code into your Secure Device if you did not perform any financial transaction(s) in your account. Please note that during the login process, DBS will never ask for "Sign 1" of your Secure Device nor ask you to input a Challenge/Response.
  2. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  3. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.

Please inform our customer centre at 2290 8888 (press 6 and then 1 after language selection) immediately if you encounter any of the following situations:

  1. receive SMS or email for transactions that you did not perform or account number that you do not know
  2. experience difficulty accessing your account after you have entered your credentials or see repeated login pages asking for your login details
  3. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"

"FREAK" Vulnerability Information

Date: 04 March 2015
Threat Type: Security Vulnerability
Alert Level: Amber
Criticality: Low

Description: A vulnerability known as “FREAK” has been discovered on OpenSSL implementations of SSL (Secure Socket Layer) and TLS (Transport Layer Security), which are used to encrypt communications between a website and a web browser (such as Internet Explorer, Safari) to keep the customer’s credentials and transactions secure. The vulnerability is present on websites that use OpenSSL and accept a weak encryption key length of 512 bits. When exploited, an attacker can break this weak encryption key, which will allow him to steal secret information from web servers, such as the customer’s login credentials.

DBS iBanking and IDEAL do not use OpenSSL and RSA 512 bit encryption key and are not vulnerable to “FREAK”. You are assured that we have multiple layers of security in place such as 2FA for online banking transactions, to protect your online banking transactions.

However, it has also been reported that “FREAK” affects Apple’s Safari browser and Google’s Android browsers and could enable an attacker to spy on communications of users of these browsers. Both Apple and Google have since announced that a patch/software update is underway, to help mitigate this risk.

How can you protect yourself from this?
You are reminded to remain cautious when banking online:

  1. Update your web browser to the latest available patches and install the latest software updates on your mobile devices. Ensure that you download these updates from authentic and trusted sources such as Apple App Store or Google Play Store.
  2. Use different usernames and passwords for your online banking accounts from other non-banking related accounts and ensure that you change your passwords regularly.
  3. Do not reveal your DBS iBanking/IDEAL username, password or security PIN to anyone.
  4. Always protect your computer by using an anti-virus software and keep it updated with the latest anti-virus signatures.
  5. Call us immediately at 2290 8888 (Personal Banking) or 2290 8038 (Business Banking), if you notice unknown transactions appearing on your account.

"POODLE" Vulnerability Information

Date: 16 October 2014
Threat Type: Security Vulnerability
Alert Level: Amber
Criticality: Low

Description: A vulnerability known as “POODLE” has been discovered on the Secure Sockets Layer (SSL) v3 used by Internet Explorer version 6 and below. SSL is used to establish an encrypted link between a website and a web browser (such as Internet Explorer) to keep the customer’s credentials and transactions secure. With the “POODLE” vulnerability present, an attacker will be able to take control of the customer’s SSL channel which will then allow him to steal secret information such as account details.

Who might be at risk? DBS iBanking and IDEAL websites have layered security controls such as 2FA and OTP that keep online banking transactions secure. However, customers using Internet Explorer version 6 and below are still at risk of having their private information (such as web cookies, username or account details) stolen if an attacker exploits this vulnerability.

How can you protect yourself from this?

  • Customers are urged to visit the links below to download and install the latest version of popular web browsers:
  • Change your passwords regularly.
  • Do not reveal your DBS iBanking / IDEAL username, password or secure PIN to anyone.
  • Call us immediately at (852) 2290 8888 (Personal Banking) or (852) 2290 8038 (Business Banking), if you notice unknown transactions appearing on your account.

Heartbleed Vulnerability Information

Date: 14 April 2014
Alert Level: Green
Criticality: Low

Description: A vulnerability known as the Heartbleed bug has recently been discovered on OpenSSL implementations of SSL and TLS, which is used to encrypt communications between computers and web servers. This vulnerability allows attackers to obtain secret information such as credentials from web servers.

DBS iBanking/mBanking does not use OpenSSL and is not vulnerable to Heartbleed. We have multiple layers of security in place to protect our customers such as two factor authentication for online banking transactions. Protect yourself and your DBS iBanking/mBanking account with the following key pointers.

  • Use different usernames and passwords for your DBS online banking accounts from your other accounts.
  • Change your passwords regularly.
  • Do not reveal your DBS iBanking/mBanking username or password to anyone.
  • Call us immediately at 2290 8888 (Personal Banking) or 2290 8038 (Business Banking), if you notice unknown transactions appearing on your account.
  • Always protect your computer by using an anti-virus software and keep it updated with the latest anti-virus signatures.

Phishing Site Alert

Date: 15 Aug 2013
Alert Level: Red
Criticality: High

Description: In view of recently detected fraud cases of phishing websites, we would like to remind our customers to guard against internet fraud. For example, an email may be sent to DBS customers, informing them that the DBS internet banking system will be upgraded and that they should click on a URL inside the email. This URL brings customers to a phishing website which pretends to be the DBS Internet Banking website, designed to steal customer iBanking Usernames, iBanking Passwords, one time passwords and contact information. Customers may also receive a call pretending to be from DBS, requesting your iBanking Password or informing you of transactions that you did not perform being cancelled/stopped. The phishing websites may be using various different URLs; examples are provided below:

  • http://www.theheatstore.nl/catalog/admin/Update/index.php
  • http://96.127.154.90/~kctasman/Update/index.php
  • http://villagebeads.co.nz/Update/index.php
  • http://www.arkmodel.com/DBS/
  • http://www.swordexperts.com/DBS/
A sample of the phishing email and the phishing website are provided for reference. Customers are reminded to refrain from providing any confidential information. Remember,
  • DBS staff will NEVER ask you for confidential information via email or phone, for example:
    ‧ iBanking Password; and
    ‧ One Time Password.

  • Always type in the URL of the DBS Internet Banking website directly into the address bar of your browser, and check that the website you are accessing is the valid DBS Internet Banking website:
    ‧ DBS iBanking - https://internet-banking.hk.dbs.com/IB/Welcome
    ‧ DBS iDEAL - https://ideal.dbs.com

  • Call us immediately at 2290 8888 (Personal Banking) or 2290 8038 (Business Banking), if you notice unknown transactions appearing on your account.
  • Always review the SMS alerts from DBS and call us immediately if you receive any suspicious SMS.
  • Never reply to unsolicited emails.
Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on. It is also prudent to install the latest released anti-virus signatures and operating system/internet browser security updates.
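The host check behind the "type the URL yourself" advice, as an added example (not DBS code): a link counts as genuine only when its host exactly matches one of the addresses this page gives for DBS. The function names, reason strings and the `example.net`/`example.org` links are constructed for illustration; the other sample links are the ones quoted in this alert.

```python
import ipaddress
from urllib.parse import urlsplit

# Hosts this page names as genuine DBS entry points.
OFFICIAL_HOSTS = {
    "internet-banking.hk.dbs.com",
    "ideal.dbs.com",
    "www.dbs.com.hk",
    "www.dbs.com",
}

REASON_USERINFO = "text before '@' hides the real host"
REASON_IP = "raw IP address instead of a domain name"
REASON_ENCODED = "non-ASCII or punycode host (possible look-alike letters)"
REASON_BRAND = "bank name appears in the URL but the host is not official"
REASON_UNKNOWN = "host is not an official DBS host"
REASON_SCHEME = "official host but not HTTPS"
REASON_MALFORMED = "malformed URL"


def _is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def classify_link(url):
    """Return (verdict, detail) for a link taken from an email."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return ("reject", REASON_MALFORMED)
    if not host:
        return ("reject", REASON_MALFORMED)
    if parts.username is not None or parts.password is not None:
        return ("reject", REASON_USERINFO)
    if _is_ip_literal(host):
        return ("reject", REASON_IP)
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return ("reject", REASON_ENCODED)
    if host not in OFFICIAL_HOSTS:
        # The brand in a path ("/DBS/") or as a sub-label proves nothing:
        # only the full host name decides who receives the login form.
        if "dbs" in host or "dbs" in parts.path.lower():
            return ("reject", REASON_BRAND)
        return ("reject", REASON_UNKNOWN)
    if parts.scheme != "https":
        return ("reject", REASON_SCHEME)
    return ("official", host)


def triage(urls):
    """Classify every link and return {url: (verdict, detail)}."""
    return {u: classify_link(u) for u in urls}


SAMPLE_LINKS = [
    "https://internet-banking.hk.dbs.com/IB/Welcome",    # from this page
    "http://96.127.154.90/~kctasman/Update/index.php",   # from this alert
    "http://www.arkmodel.com/DBS/",                      # from this alert
    "http://villagebeads.co.nz/Update/index.php",        # from this alert
    "https://internet-banking.hk.dbs.com.login.example.net/IB/Welcome",  # constructed
    "https://ideal.dbs.com@example.org/",                # constructed
]

if __name__ == "__main__":
    for link, (verdict, detail) in triage(SAMPLE_LINKS).items():
        print(f"{verdict:8} {link}\n         {detail}")
```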

Sample of the Phishing Email

Sample of the Phishing Website

Malware Alert

Date: 7 Mar 2013
Alert Level: Amber
Malware: Zbot (Zeus)

Description: We have discovered different variants of Zbot (Zeus) malware that may affect users of the DBS Internet Banking website. This malware infects customers’ computers or devices. Once customers’ computers or devices are infected, the malware will attempt to steal customers’ information by altering the flow of the DBS Internet Banking website to steal login and authorisation credentials (User ID, PIN, DBS iB Secure PIN, SMS One-Time Password (“OTP”) and so on). It will show a rotating “Please Wait…” message and ask for the customer’s user ID, PIN and DBS iB Secure PIN/ SMS One-Time Password repeatedly. The suspicious message is circled in red.

If you see any of the above irregularity while banking online with us, your computer or device may likely be infected with this malware. You are advised not to proceed with any transactions until your computer or device has been checked and disinfected. Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

Customers are reminded to remain cautious when banking online:
  1. Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account.
  2. Read carefully the transaction details in the SMS or email alerts. Validate that the messages reflect your transaction requests. For example, check that the account number is correct.
  3. Please inform our contact centre at (852) 2290 8888 (press 6 and then 1 after language selection) immediately if you encounter any of the following situations:
    a. receive SMS that you did not perform or account number that you do not know
    b. experience difficulty accessing your account after you have entered your credentials or see repeated login pages asking for your login details
    c. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"
  4. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
  5. Do not provide your card information such as card number and card PIN in the Internet Banking login page.
  6. For more security tips, please refer to Online Security

Malware Alert

Date: 4 July 2012
Alert Level: Amber
Malware: Zbot (Zeus)

Description: We have discovered malware that may affect the legitimacy of the DBS iBanking website. This malware infects customers’ computers or devices. Once customers’ computers or devices are infected, the malware will attempt to steal customers’ information by altering the flow of the DBS iBanking website. It will show a rotating “Please Wait …” message that does not exist on the DBS iBanking website. The malware will then attempt to steal login and authorisation credentials (User ID, PIN, Security Code, SMS OTP and so on). Here is a screenshot of what the DBS iBanking website will look like after a computer or device has been infected with this malware. The suspicious message is circled in red.

If you see any of the above changes while banking online with us, your computer or device may likely be infected with this malware. You are advised not to proceed with any transactions until your computer or device has been checked and disinfected. Customers are assured that the DBS iBanking website remains secure and is not the source of this malware.

Customers are reminded to remain cautious when banking online and take the following precautionary measures.

  1. Do not enter the OTP from your mobile phone if you did not add payee(s) or perform other online transactions in your account.
  2. Read carefully the transaction details in the SMS or email alerts. Validate that the messages reflect your transaction requests. For example, check that the account number is correct.
  3. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
  4. Do not provide your card information such as card number and card PIN in the Internet Banking login page.
  5. Please inform our contact centre at 2290 8888 (press 6 and then 1 after language selection) immediately if you encounter the following situations:
    a. if you received SMS or email for transactions that you did not perform or account number that you do not know
    b. encounter difficulty accessing your account after you have entered your credentials
    c. see unfamiliar banking processes such as "Security verification in progress" or "Please wait…".
  6. For more security tips, please refer to Online Security

Malware Alert

Date: 4 July 2012
Alert Level: Amber
Criticality: Low

Description: We have discovered different variants of Torpig (also known as Anserin or Sinowal) malware that may affect the legitimacy of the DBS iBanking websites. This malware infects customers’ workstations or devices. Once customers’ workstations/devices are infected, it is designed to steal customers’ information by altering the flow of the existing Internet Banking websites. It will ask for “card number”, the “signature panel code” (CVV code), “expiration date” and “ATM PIN”, claiming the computer is not recognized. In general, it will attempt to steal information from the infected computers, including all found passwords. Please do not provide any such information. Below is a screenshot of what the DBS iBanking website looks like after a computer is infected with this malware:

If you see any of the above changes while banking online with us, your computer may likely be infected with this malware. You are advised not to proceed with any transactions until your computer has been checked and disinfected. Customers are assured that the DBS iBanking website remains secure and is not the source of this malware. Customers are reminded to remain cautious when banking online. Do not provide any of your card information. Do not enter the OTP from your mobile phone if you did not add payee(s) or perform other online transactions in your account. Protect your computer from being infected with such malware by using anti-virus software and updating it with the latest anti-virus signature. If you suspect that your computer or your bank accounts have been compromised while banking online with us, please report it to our contact centre at 2290 8888 (press 6 and then 1 after language selection) immediately.

Remedy: The following list of AntiVirus software is known to be able to detect and quarantine this type of malware.