What is “Phishing”
"Phishing” refers to a case where fraudsters attempt to illegally access your key personal information such as your bank user name, password, identity card number and debit card number. They will use your information to access your account for illegal purposes. For example they will use debit card number which you inadvertently provide to bogus websites to conduct fraud.
How is “Phishing" carried out?
Fraudsters engage in “Phishing” in a number of ways which can be summarized as follows:
Use similar e-mail addresses, trademarks or logos to make you mistake them for true e-mails or websites.
Use different ways to trick you into providing your personal information, e.g. providing hyperlinks to fraudulent websites or online forms attached to the e-mail.
Common examples: You may receive an e-mail claimed to be sent by DBS, requiring you to click on a hyperlink to enter certain website and make some necessary personal information updates under some conditions. Once you click the hyperlink you will be led to a website quite similar to our bank which requires you to enter your personal information for illegal access or utilization. Furthermore, e-mails sent by fraudsters may look vey similar to those from our bank, which may even have bank logos on them. Therefore you must be particular cautious and should not easily trust such e-mails.
For security reasons, under no circumstances will DBS demand online important personal information updates through e-mails.
Why are fraudulent websites so similar to bank websites?
As anyone can download and replicate information from the internet, fraudsters can easily replicate a website that is almost identical to a legitimate organization.
How to avoid being cheated by “Phishing”?
Do not log onto what is claimed to be DBS iBanking website through hyperlinks provided in suspicious e-mails. For security reasons, under no circumstances will DBS demand online important personal information updates through e-mails. Thus, any e-mail of this nature that you receive is fraudulent.
We recommend the following measures to avoid being drawn into “Phishing" scam:
- At all times log onto DBS China’s website (https://www.dbs.com.cn) to enter iBanking.
- Do not reveal your password. Under no circumstances will our bank employees demand you to divulge your password.
- If you receive an e-mail which requires you to "confirm your personal information, otherwise your account with the bank will be closed”, do not respond or click the hyperlink provided in the e-mail.
- Avoid logging onto what is claimed to be DBS iBanking website through hyperlink provided in any e-mail and entering your user name and password.
- Avoid transmission of your personal or financial information through e-mails. If you need to transmit personal financial information through the website, you must check the ‘security lock' logo on the browser in order to ensure that your information is securely transmitted. Our bank will not attempt to obtain your personal and financial information through forms in e-mails.
- Immediately check the transactions when you receive your monthly debit card and banking statements to make sure there are no unauthorized transactions. Please notify our customer service center if your debit card or banking statements are long overdue. You may also telephone us to confirm your mailing address for receipt of monthly statements as well as account balance.
Should I report fraudulent websites or suspicious e-mails?
Please contact our customer service center immediately if you suspect being cheated by fraudulent websites. Any report that you lodge will help us in identifying such fraudulent websites and take the appropriate action to stop them. Furthermore any relevant information that you provide can help our bank to notify customers in order for them to beware of such websites.
Beware of fraudulent e-mails
Recently there were fraudsters who sent false e-mails to bank customers and obtained their personal information. Such ruse had affected banks in numerous countries.
The e-mails easily misled customers to click false websites linked to them. They were websites that closely resembled bank websites such that customers were caught off-guard.
The e-mails usually claimed that customers needed to “update" or “confirm” their information, in order to trick customers into entering their user name, password, personal information and other banking-related confidential information. Once divulged such information would fall into the hands of fraudsters. Such fraudulent acts are usually known as “Phishing”.
For more information, please look under “phishing” or “e-mail bank scams” in this website.
To avoid being cheated, please see the following measures:
- Do not divulge your personal password to anyone. Please treat any suspicious e-mails that ask you for your personal information with care. Our bank will never send such e-mails.
- If you receive such an e-mail, do not reply or click the hyperlinks in it.Do not read chain or junk mails, delete them.
- Avoid entering DBS's official website through hyperlinks provided in e-mails or search engines.
Open DBS China’s website (https://www.dbs.com.cn) on any browser and add it to your "Favorite”, in order to facilitate direct logging onto the website in the future. - Avoid using public/shared computers in internet cafes, public libraries or other public venues, or use any dubious device to enter the iBanking website or other website that requires inputting password to access it, in order to prevent your personal information from being stolen, duplicated or abused after you have left the computer.
- If you suspect that you have been cheated or if you have any questions, please call DBS customer service center (4008208988) any time.
Beware of Spyware
Our bank recommends that customers be extra cautious in the use of any software that claims to be able to increase surfing speed. Such software or services may re-direct your online service to designated servers which will allow them to store and analyze your internet activities. When you use DBS or other encrypted online services, the relevant activities or input data such as user name, password, debit card number, banking and transaction records, etc. may as well be recorded by them.
How do you protect your own interest?
Do not access DBS website on computers which have been installed with surveillance software or software that re-directs your online service.
If you install any software which claims to be able to enhance your online speed or add third-party tool to the browser, you may already be using software which monitors your online activity. We recommend that you delete the relevant software. You may do so by accessing the “Control Panel”, and select “Add/Delete Programs” to find and remove such program.
Be updated regularly on spyware and be cautious about whether your computer has activities which hint of spyware, for example, proliferation of pop-up advertisements when on the internet, or receiving numerous dubious e-mails which show your personal information.
Install and activate anti-virus, anti-spyware software and personal firewall of reputable software companies to protect your computer from being intruded by virus or malware. You should regularly update such software and relevant security patch.
Do not use public/shared computers or dubious devices to access DBS iBanking website, because you can never be sure whether it has been installed with hacking program, surveillance software or software which re-directs your online service.
How DBS Bank protects your interest?
We closely monitor and intercept users who access our website using re-director software or spyware. If you have been denied access to our website, you may have inadvertently installed re-director software or spyware in your computer. Please remove such software.
How do you differentiate a real iBanking website from a fake one?
Fake iBanking websites imitate our iBanking website with a high degree of accuracy. Nevertheless the following 4 steps can help you to confirm whether or not the website you have accessed is a true one.
- Check whether the URL is correct -- https://www.dbs.com.cn
- Once you log onto personal iBanking, you can click a ‘security lock’ logo on the screen’s bottom right hand. A security certificate will be displayed. You can check information on DBS such as our company name, website, certifying organization, validity period and encryption type, etc.
- Enter your registered iBanking user name and password.
- Enter OTP for mobile phone. The OTP password will be sent to your mobile phone pre-registered with our bank.