Staying secure in the digital age

Digital technology has vastly increased convenience for bank customers, but it's also made life easier for fraudsters to trick and cheat people out of their funds.

Social engineering

Social engineering is the act of tricking you into revealing information such as your personal identification number, or any sensitive information that could later be used for financial gain. Phishing emails are a common type of social engineering attack where you receive emails allegedly from companies you trust asking for your personal information, card or bank details. Always check the source of the link by hovering your mouse over the host email address.

Malware

Malware, short for ‘malicious software’, is software that is illegally and unknowingly installed on your computer or mobile device. This happens when you click on a phishing link in an email, visit unsafe websites or download malicious software and mobile applications. Spyware is a common form of malware that spies and collects your card details and passwords.

ATM skimming

ATM skimming means criminals capturing card details or PIN numbers from people using ATMs. They might do this by installing a copying device over the ATM card reader or a camera above the keyboard, or they might simply look over your shoulder. So check the ATM has not been tampered with, always shield your PIN and don’t forget to take your card when you’re finished.

Card fraud

Card fraud begins with the theft of either a card or its data: name, number, expiration date, and verification/CVV code. Fraudsters commonly acquire card details online via malware, phishing emails, or sometimes from statements thrown in the bin.

Sim porting/swapping

The fraudster impersonates you and asks your phone service provider to either replace your SIM card, or move (‘port’) your mobile number to another provider. Once the change is done, they can then gain unauthorised access to your bank accounts by intercepting authentication texts. Keeping your mobile safe is more important than ever.

Payment scammers deceive victims into sending or receiving money. They target them using phones, emails, texts, social media and advertising. Payment scams can take many forms. The common ones are:

  • Advance-fee scam: A request for upfront payments before a prize is released. You first receive a call informing you that you have won a prize. Before receiving the prize, you are required to pay the courier, processing and custom fees. Payments are usually to an overseas account but after these payments are made, the prize remains elusive. This scam is also known as the ‘419 scam’.
  • Fake emergencies: This could be a social media post of a child requiring funds for critical surgery or a call pretending to be from the hospital or police telling you that your relative has had a life-threatening accident and needs a cash deposit before life-saving medical work is undertaken.
  • Romance scams: Fraudsters pretend to court victims on dating sites, but never meet them. They then request money for things like medicines or travel. The money is paid into an overseas account and immediately withdrawn, making it difficult to recover.
  • Money mule: Scammers ask victims to receive or transfer funds for a small fee. It sounds like easy money, but by agreeing, you could be laundering criminal revenues and participating in crime. Never agree to transfer money for people you don’t know.
  • Boiler Room scams: Hard-sell tactics that pressure you to invest in a high-returns bonds/shares offered for a very limited period. Investment funds are transferred to an offshore account, never to be seen again. Sometimes fraudsters will create fake bonds using the name of a real company – but that company has no connection at all with the bonds.

Tips against payment scams:

  • Verify that the other party is legitimate before providing payment details.
  • Only purchase from secure e-commerce sites. Secure websites begin with “https” as opposed to “http”. Also look for a small closed lock symbol on the address bar.
  • When making online purchases, double-check the website’s authenticity.
  • Always use strong passwords for your purchasing accounts.

Tips against social engineering:

  • Think before you post on social media to avoid unintentionally revealing confidential information that could be used against you.
  • Do not click on suspicious advertising links on social media, SMS, mobile chat applications or reply to emails from people you don’t know.
  • Always set a strong online banking password and don’t share it with anyone, even if the bank seems to be asking for it. The bank will never ask you for this information.
  • Check the authenticity of the sender’s email address before taking any action or hover your mouse over the email address to confirm the domain URL address. If suspicious, report immediately.

Tips against malware:

  • Keep your software up-to-date and regularly run virus checks to ensure your mobile device and computer are free of malware.
  • Be wary of suspicious email attachments or links especially from unknown senders. Your device can get infected with malware automatically or you can get tricked into downloading and installing malware.
  • Don’t use unfamiliar removable drives. Some types of malware can spread by copying themselves to USB flash drives or other removable drives.
  • Be wary when connecting to public hotspots, particularly those that do not require authentication, e.g. in airports or shopping malls.

Tips against ATM scams:

  • Never give your PIN code to anyone, and always cover the keypad when entering your PIN.
  • Avoid using the ATM if the machine looks tampered with, or out of the ordinary such as exposed wires attached to the device.
  • If you encounter a jammed ATM, avoid using the other available machines. The ATMs may be deliberately disabled to direct you to use a machine installed with a copying (skimming) device.
  • Regularly check your bank account or bank statement for unusual or unauthorised transactions. If you notice any discrepancies, report it immediately.
  • Immediately report a lost or stolen ATM card.

Tips against card fraud:

  • Shred credit card statements before disposing of them.
  • Always check your credit card statements and immediately report anything suspicious to the bank. Even if you’re not sure, report it right away.
  • Quick reporting increases your chance of recovery and protects you from further damage.

Tips against SIM porting/swapping:

  • Beware of unsolicited calls, texts or emails seeking personal, confidential or financial information even if they appear to be from your bank.
  • Always look out for text messages from your bank or telecom service provider advising you of unauthorised activity.
  • Check with your telecom service provider immediately if your mobile service stops working unexpectedly.
  • Never disclose your online passwords or PINs to anyone. Standard Chartered Bank will never ask you for these details via any of our communications with you.

Better safe than sorry

Regardless of whether the fraud is only suspected or is a confirmed incident, always notify the bank right away. Promptly reporting any possible fraud increases your chance of recovery and helps protect others.

"The bad guys aren't standing still. Neither should we."

Bill Winters | Group Chief Executive

Back to Fighting Fraud