Guarding Against Phishing

When a bogus organisation goes 'Phishing' (pronounced 'fishing'), it is attempting to illegally obtain sensitive personal information from you, e.g. your user ID, password, bank account numbers, credit card numbers etc. They will then use the information you have provided to access your account for illegal purposes, e.g. commit credit card fraud with the credit card numbers that you have mistakenly provided to the 'phishing' individual or organisation.

Common techniques that are used by the phishing fraudsters include, but are not limited, to the following:

  • Using false email addresses, logos, and graphics to mislead you into accepting the validity of the emails and web sites;
  • Faking domain names to appear as it they represent us;
  • Duping you into providing personal details through one or more methods, such as hyperlinks to fake websites or embedded forms in emails.
For example, you may receive an email that claims to be from DBS that asks you to click on a link to a website within the email to update certain sensitive information for certain reasons. When you click on the link, you will be directed to a particular web site that may look exactly like ours where you will be asked to enter sensitive information. Emails like these may look quite sophisticated and even carry our logos. However, do not trust them.

As a matter of security, DBS Bank will never send you an email asking you to update your personal information.


It is relatively simple to make a Web site look exactly like a legitimate organisation's site by merely duplicating what is available from the Internet.


Do not follow any link(s) within a suspicious email to the DBS iBanking site. Because it is our policy to never request customers through email to update your personal account information, please note that any emails that request for your information in this manner is definitely bogus.

Below are some other steps that you can take to prevent yourself from being a victim of a 'phishing'; scam:

  • Always enter the full URL of DBS Hong Kong website (www.dbs.com.hk) into your browser address bar to access DBS iBanking.
  • Never reveal your Password to anyone. No staff of DBS Bank should ever ask you for your Password under any circumstances.
  • If you get an email that warns you that a DBS account of yours will be shut down unless you reconfirm your personal information, do not reply or click on the link in the email.
  • Never click on a link in an email that prompts you to log on with your DBS iBanking Username and Password. Always type in the actual URL of the DBS iBanking website into your browser.
  • Avoid emailing personal and financial information. Before submitting financial information through a Website, look for the "lock" icon on the browser's status bar. It signals that your information is secure during transmission. DBS will never solicit personal and financial information from you via a form or forms in an email.
  • Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorised charges. If your credit card and/or bank statements are late by more than a couple of days, please call our Credit Card Service Centre. You can also call to confirm your billing address and account balances.

If you suspect that you are being phished, please feel free to contact us at our Customer Service Centre to notify us. Your report will help us identify phishing websites and take immediate action to suspend its operation. In addition, this information will help us publish and maintain a list of these fraudulent sites so that other DBS customers will be warned.

 

Additionally, for more digital security tips published by The Hong Kong Association of Banks, please click here.

 

Beware of fraudulent e-mails

You can prevent this from happening to yourself.

Please be aware that fraudulent e-mails are being circulated to con internet banking users into revealing sensitive account information. This has affected a number of banks around the world.

Such e-mails trick the recipient into thinking that they are responding to a genuine request because they are usually very convincing looking and are phrased to give the appearance that they were sent by the recipient's banker.

These e-mails usually tell the recipients that they are required to "update"or "validate"certain information via a hyperlink provided in the e-mail. Unknowingly, they are directed to a web site that looks like the bank's, but is actually controlled by the fraudsters. Sensitive account information such as credit card information and User ID's & PINs entered on these sites are therefore revealed to the fraudsters. This is often referred to as "phishing".

For more information, just use any search engine and search for "phishing"or "e-mail bank scams".


  • NEVER reveal your PIN to anyone. Be suspicious of any e-mail asking you to provide sensitive account information. DBS will NEVER send such e-mails.
  • If you receive such e-mails, please verify with the sender stated but use a contact number that is known to be genuine. Do not reply or click on the links in the e-mail.
  • Disregard and delete spam, chain and junk e-mails.
  • Do not access DBS website by hyperlinks embedded in e-mails or search engines.
  • Always type www.dbs.com/hk into your browser address bar or use favourites/bookmarks to access our site.
  • Avoid accessing DBS iBanking or any other Internet services which needs your input of passwords through public/shared computers, such as Internet cafes, public libraries, and other public sites; or devices which cannot be trusted to avoid the risk of information being collected and copied, thus abused usage after you leave.
  • Act quickly and contact the DBS Bank on 2290 8888, then press 6 (iBanking) or 2290 8038 (ec-business/IDEAL services) if you suspect you have been tricked or if you have enquiries.
 

"Spyware"may be watching you

We strongly advise you to exercise caution when using any third party software, which claims to speed up your internet connections.

Such software or services may redirect your internet session through their own server, which give them the ability to store and analyse your internet activities. This may include activities conducted during your secure sessions with DBS or any other secure internet service and even information such as your usernames, passwords, credit card numbers, bank and purchase transactions.

  • Do NOT visit the DBS website while any software that monitors or redirects your internet session is present on your computer.
  • If you install any software that claims to speed up your internet connection, or have additional third party toolbars on your browsers, you may be using software that has the ability to track your internet sessions. We recommend that you uninstall such software
  • You can usually safely uninstall such software by going to your Control Panel, selecting Add/Remove Programs, then finding the named application and selecting Remove.
  • Educate yourself on "Spyware". Be alert to any Spyware-like activities on your computer. Be suspicious if you get lots of pop-up banners or unsolicited e-mails that appear to "know you too well".
  • Securely configure your computer, install and run anti-virus software, anti-spyware software and personal firewall software from reputable software company to protect your computer from viruses and malicious programs. You should also install the latest software and update such software with latest security patches, and apply security patches on a regular basis.
  • Do not use public/shared computers or devices which cannot be trusted to get access to DBS iBanking as it is difficult to ensure such PCs are free from hacker programs, or any software that monitors or redirects your internet session.

  • We will actively block traffic to dbs.com that has passed through redirector/Spyware services.
  • If you have, at any time, been denied access to our website, you may be either intentionally or inadvertently running redirector/Spyware software on your computer. In such cases, we urge you to uninstall such software.

Thank you. Your feedback will help us serve you better.

Was this information useful ?

Thank you for your feedback
Let us know how this article helped:
We're sorry to hear that.
How can we do better?
Please enter only letters, numbers, @!$&-()',./