Dear Valued Customer,
Commitment to Safeguard Your Account
We are committed to keeping your account information safe and secure, and we take this responsibility very seriously. Recently "Man-In-The-Browser" attacks against online consumers have been on the rise in the industry. Therefore, we are sharing with you information that will help you protect yourself against these new threats.
What is a Man-In-The-Browser attack?
A Man-In-The-Browser (MITB) attack is when an attacker intrudes into an existing connection to capture data and inject false information. It involves eavesdropping on a connection, intercepting messages, and selectively modifying data.
A common MITB attack scenario involves the attacker taking control over a customer's login session. The attacker transmits a screen similar to the Standard Chartered online banking screen requesting the customer to wait while their details are being verified. Meanwhile the customer's account would have been compromised and the attacker would have initiated a beneficiary addition request. An SMS Security Code (eTAC) is sent to the customer's mobile phone as part of the beneficiary addition process. The attacker then manipulates the customer's screen to prompt the customer to key in the eTAC in order to proceed with the login process.
How to Protect Yourself Against a Man-In-The-Browser attack?
Follow the tips below to protect yourself against MITB attacks:
- If you notice an unusual screen or message during your online banking login session, please do not proceed.
- If you receive an eTAC that you have not requested for, do not act on it.
- Review your beneficiary list for any unauthorized additions.
If you come across any of these suspicious activities, contact us immediately on 600 5222 88 from within the UAE or on +971 600 5222 88 from outside the UAE.
Additional Tips for Online Banking
- Always access Standard Chartered Bank's internet banking by typing in the correct URL (www.standardchartered.ae) into your browser. Never click on a link in an email to take you to a website and enter personal details either in the email or website.
- Do not share your online banking user name, password and eTAC with anyone! We will never solicit this information from you.
- Do not use public computers to access internet banking e.g. internet cafes, libraries or hotels.
- Never download any program over the internet unless you are positive of the source is secure.
- Keep your anti-virus and firewall software up-to-date
For More Information
For further information about online banking security measures which will help keep your financial information safe and secure, please visit www.standardchartered.ae/onlinesecurity.
Standard Chartered Online Banking