Guarding Against Phishing
What is Phishing?
How is Phishing usually done?
Common techniques that are used by the phishing fraudsters include, but are not limited, to the following:
- Using false email addresses, logos, and graphics to mislead you into accepting the validity of the emails and web sites;
- Faking domain names to appear as it they represent us;
- Duping you into providing personal details through one or more methods, such as hyperlinks to fake websites or embedded forms in emails.
As a matter of security, DBS Bank will never send you an email asking you to update your personal information.
How come the Bogus Web Site can look EXACTLY like a bank's Internet Banking site?
It is relatively simple to make a Web site look exactly like a legitimate organisation's site by merely duplicating what is available from the Internet.
How can I prevent myself from being 'phished'?
Do not follow any link(s) within a suspicious email to the DBS iBanking site. Because it is our policy to never request customers through email to update your personal account information, please note that any emails that request for your information in this manner is definitely bogus.
Below are some other steps that you can take to prevent yourself from being a victim of a 'phishing'; scam:
- Always enter the full URL of DBS Hong Kong website (www.dbs.com.hk) into your browser address bar to access DBS iBanking.
- Never reveal your Password to anyone. No staff of DBS Bank should ever ask you for your Password under any circumstances.
- If you get an email that warns you that a DBS account of yours will be shut down unless you reconfirm your personal information, do not reply or click on the link in the email.
- Never click on a link in an email that prompts you to log on with your DBS iBanking Username and Password. Always type in the actual URL of the DBS iBanking website into your browser.
- Avoid emailing personal and financial information. Before submitting financial information through a Website, look for the "lock" icon on the browser's status bar. It signals that your information is secure during transmission. DBS will never solicit personal and financial information from you via a form or forms in an email.
- Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorised charges. If your credit card and/or bank statements are late by more than a couple of days, please call our Credit Card Service Centre. You can also call to confirm your billing address and account balances.
Should I report a bogus Phishing site or suspicious email?
If you suspect that you are being phished, please feel free to contact us at our Customer Service Centre to notify us. Your report will help us identify phishing websites and take immediate action to suspend its operation. In addition, this information will help us publish and maintain a list of these fraudulent sites so that other DBS customers will be warned.
Additionally, for more digital security tips published by The Hong Kong Monetary Authority, please click here.
Beware of fraudulent e-mails
You can prevent this from happening to yourself.
Please be aware that fraudulent e-mails are being circulated to con internet banking users into revealing sensitive account information. This has affected a number of banks around the world.
How it works
Such e-mails trick the recipient into thinking that they are responding to a genuine request because they are usually very convincing looking and are phrased to give the appearance that they were sent by the recipient's banker.
These e-mails usually tell the recipients that they are required to "update"or "validate"certain information via a hyperlink provided in the e-mail. Unknowingly, they are directed to a web site that looks like the bank's, but is actually controlled by the fraudsters. Sensitive account information such as credit card information and User ID's & PINs entered on these sites are therefore revealed to the fraudsters. This is often referred to as "phishing".
For more information, just use any search engine and search for "phishing"or "e-mail bank scams".
Preventive Measures You SHOULD Take
- NEVER reveal your PIN to anyone. Be suspicious of any e-mail asking you to provide sensitive account information. DBS will NEVER send such e-mails.
- If you receive such e-mails, please verify with the sender stated but use a contact number that is known to be genuine. Do not reply or click on the links in the e-mail.
- Disregard and delete spam, chain and junk e-mails.
- Do not access DBS website by hyperlinks embedded in e-mails or search engines.
- Always type www.dbs.com/hk into your browser address bar or use favourites/bookmarks to access our site.
- Avoid accessing DBS iBanking or any other Internet services which needs your input of passwords through public/shared computers, such as Internet cafes, public libraries, and other public sites; or devices which cannot be trusted to avoid the risk of information being collected and copied, thus abused usage after you leave.
- Act quickly and contact the DBS Bank on 2290 8888, then press 6 (iBanking) or 2290 8038 (ec-business/IDEAL services) if you suspect you have been tricked or if you have enquiries.
"Spyware"may be watching you
We strongly advise you to exercise caution when using any third party software, which claims to speed up your internet connections.
Such software or services may redirect your internet session through their own server, which give them the ability to store and analyse your internet activities. This may include activities conducted during your secure sessions with DBS or any other secure internet service and even information such as your usernames, passwords, credit card numbers, bank and purchase transactions.
What you can do to protect yourself
- Do NOT visit the DBS website while any software that monitors or redirects your internet session is present on your computer.
- If you install any software that claims to speed up your internet connection, or have additional third party toolbars on your browsers, you may be using software that has the ability to track your internet sessions. We recommend that you uninstall such software
- You can usually safely uninstall such software by going to your Control Panel, selecting Add/Remove Programs, then finding the named application and selecting Remove.
- Educate yourself on "Spyware". Be alert to any Spyware-like activities on your computer. Be suspicious if you get lots of pop-up banners or unsolicited e-mails that appear to "know you too well".
- Securely configure your computer, install and run anti-virus software, anti-spyware software and personal firewall software from reputable software company to protect your computer from viruses and malicious programs. You should also install the latest software and update such software with latest security patches, and apply security patches on a regular basis.
- Do not use public/shared computers or devices which cannot be trusted to get access to DBS iBanking as it is difficult to ensure such PCs are free from hacker programs, or any software that monitors or redirects your internet session.
What we are doing to protect your interests
- We will actively block traffic to dbs.com that has passed through redirector/Spyware services.
- If you have, at any time, been denied access to our website, you may be either intentionally or inadvertently running redirector/Spyware software on your computer. In such cases, we urge you to uninstall such software.
Thank you for your feedbackLet us know how this article helped:
We're sorry to hear that.How can we do better?