How you can guard against banking scams

Emails, text messages, phone calls. Today, these channels and more have been leveraged to create convenience for consumers in multiple service industries, including banking. Unfortunately, cyber criminals have also exploited these same avenues to conduct their scams. Just how savvy are you in discerning a fraud?

As hackers get more sophisticated with their tools and methods, users have an important role to play in adopting good security practices. Just like how you would naturally be guarded against suspicious characters at the ATM, you need to be as diligent whenever you bank online, even from the comfort of your home.

While the bank proactively predicts, prevents, detects and responds to cybersecurity threats, here are some ways you can keep yourself protected.

2FA: Two is better than one

• If you’re out and about and need to login to a service, it’s common to tap onto public Wi-Fi networks, especially while on holiday overseas. While convenient, public Wi-Fi networks do carry the risk of being less safe than a known network such as your office or home.
• If you wish to initiate certain transactions or view your account details, you will be prompted to enter a one-time password (OTP) sent to your email, mobile phone or security device.
• A “transaction signing” is required for transfers involving larger sums of money (currently above S$15,000), or transactions deemed high-risk, such as adding a new funds transfer recipient. By entering the 6-digit code generated on either your security device or mobile phone, this action further protects your account from being compromised. Always check the message prompts to ensure that the details of the transaction are accurate.
• Banking apps, such as DBS/POSB digibank, now offer a digital token where the OTP is generated and verified in the background on a registered device. This enables you to bank securely and makes your banking experience more convenient without the hassle of carrying around another device.

Securing your access on wireless networks

• If you’re out and about and need to login to a service, it’s common to tap onto public Wi-Fi networks, especially while on holiday overseas. While convenient, public Wi-Fi networks do carry the risk of being less safe than a known network such as your office or home.
• There is also the possibility of “spoofing”, where a public Wi-Fi network looks official, but is set up by miscreants to steal your data or install malware.
• If you need to perform banking-related services, make your online banking transactions only on secured Wi-Fi networks that require a login. Otherwise, consider using your mobile phone data network to access digibank instead.
• All bank websites should have “https” instead of “http” in their URL.
• Always clear your cache when you’re done.

Change your PIN and password regularly

• Set reminders to change the Personal Identification Number (PIN) and password of your digibank account and other banking apps like PayLah! regularly. This reduces the risk of your password and account being compromised.
• If you’re setting up a new PIN or password, avoid words, phrases or sequences that are easily guessed. That rules out using your birthdate or phone number as a PIN. Depending on your mobile device, technologies such as TouchID and facial recognition can help authenticate you securely.
• Avoid using the same password/PIN for all your banking and non-banking related accounts.

Not all “important notices” are real

While previously easily identifiable through questionable grammar and flashing headlines, phishing scams have increased in sophistication. If you’ve received emails purportedly from your bank asking you to login to your account, here are some basic precautions you should take.

• Do not click on links sent through mediums such as emails, SMSes and Whatsapp. Offers that sound too good to be true are probably fake.
• Always ensure that you are browsing our websites: https://www.dbs.com.sg or https://www.posb.com.sg.
• Do not enter your banking account information (especially your PIN or password) on any third-party websites. They could be phishing sites or fraudsters, out to mine your information for ulterior motives.
• Do not give out your password or PIN via email, SMS, or other messaging programmes.
• Beware of “Official notices” that request for your bank login credentials.
• Go to https://www.dbs.com/security to learn more about known phishing emails and websites targeting DBS customers.

If still in doubt, contact your bank or supposed sender to confirm that the communication came from them.

Set transaction limits

• Be proactive - set a lower daily limit for transactions such as local transfers and overseas transfers. That way, if your account were to be compromised, your daily limit would prevent large transactions that could otherwise empty your account.
• You can set the threshold amount via digibank mobile/online for:
• Transfer to DBS/POSB accounts
• Transfer to other bank accounts
• Transfer to overseas accounts
• Bill payment limit
• D2Pay limit
• Overseas Visa transfer limit
• Visa or MasterCard debit limit
• Also, know that DBS will send you an alert SMS when there are any suspicious transactions, such as large sum transactions or overseas payments performed digitally. Should there be unauthorised transactions, call the bank to stop the payments.

See also: How to set a transaction alert

Be up-to-date

• Make it a habit to know your bank balance and check it regularly. If you spot any irregularities with your bank balance or in your e-statement, contact the bank immediately.
• Only download and update DBS’s mobile applications from Google Play or Apple’s App Store to ensure that your application is legitimate.

If you notice anything amiss with your online banking experience, such as any suspected information leak, call us at 1800 339 6963 at once. Bank online securely and enjoy a world of convenience at your fingertips.

See also: Security and You