You're about to leave our website

This hyperlink will bring to you to another website on the Internet, which is published and operated by a third party which is not owned, controlled or affiliated with or in any way related to Standard Chartered Bank (Hong Kong) Limited or any member of Standard Chartered Group ( the "Bank").

The hyperlink is provided for your convenience and presented for information purposes only. The provision of the hyperlink does not constitute endorsement, recommendation, approval, warranty or representation, express or implied, by the Bank of any third party or the hypertext link, product, service or information contained or available therein.

The Bank does not have any control (editorial or otherwise) over the linked third party website and is not in any way responsible for the contents available therein. You use or follow this link at your own risk. To the extent permissible by law, the Bank shall not be responsible for any damage or losses incurred or suffered by you arising out of or in connection with your use of the link.

Please be mindful that when you click on the link and open a new window in your browser, you will be subject to the terms of use and privacy policies of the third party website that you are going to visit.


Proceed to third party website

Stay safe when you bank online

Person, Human, Art
Person, Human, Art

Stay safe when you bank online

Banking with peace of mind

Be a smart digital user! While you are enjoying the convenience of banking online, you also need to be careful and adopt good security habits to protect your bank accounts and information.

Important Note:
After SC Mobile Key registration or re-registration and initiating identified high risk instructions (e.g. add new payee, fund / payment transfer, increase transfer limit, etc), your Digital Banking account may be suspended due to security reason. Please call our hotline 2886-8862 for identity verification. The bank will re-activate your Digital Banking account after verification, and you could re-initiate the instruction thereafter.

You are on a commute to work and receive the following SMS on your phone. What would you do?

Text, Face
Would you tap the link right away to check about your bank services?

Think again. Does it look unusual that your bank services are suspended while you are not aware of any related notification from the bank before?

the same time, you recall that you have read earlier from your bank’s messages that there would not be any hyperlink included in the communications from the bank requesting for Online or Mobile Banking logins.

Text, Label, Paper

It looks like that it is a trap from fraudsters trying to steal your Online or Mobile Banking login credentials.

Tips for a safer Digital Banking experience

Update your apps and remember to log out

  • Our tips for you:

      • Start by regularly updating the apps and anti-virus software on your mobile phones, tablets and laptops.
      • Download the SC Mobile app from Google Play or the App Store – never from third-party sites.
      • When making a transaction, remember to double check the details before you press the submit button.
      • Always log out of the SC Mobile app or Online Banking session after use and never leave it running in the background.

Always ensure your password is secure

  • Our tips for you:

      • When logging in to Online or Mobile Banking, safeguard your login details by keeping them away from prying eyes.
      • Don’t store your username, password or account number on your mobile phone.
      • Ensure your bank account password is unique from your other passwords.
      • Never share your banking login details or One-time Passwords (OTPs) with anyone.

Be aware and never share

  • Our tips for you:

      • Be careful about sharing personal information like your full name, date of birth, address, mobile or phone number. These details could be used to steal your identity.
      • Never respond to unsolicited emails, phone calls or texts. Scammers are clever at impersonating someone you trust, such as a police officer or a Bank representative.
      • Beware of payment or fund transfer requests from people you don’t know. If you are unsure, speak to someone you trust or contact us before making any payment or cash transfer.
      • Watch out for unauthorized cash deposits or withdrawals on your account, they could be fraudulent transactions.
      • If you receive a suspicious email, text or phone call allegedly from the Bank, please check the identity of the sender or caller with us immediately.

Phishing

What is phishing?

Phishing is a cyber crime where fraudsters try to obtain your personal information by email, messaging apps, SMS (also known as smishing) or phone (also known as vishing). This information can be used for identity theft, payment scams and credit card fraud as well as many other forms of cybercrime. Malicious links or attachments are often included in phishing and vishing messages, designed to steal your information or infect your system with malware (malicious software).

How can I spot if it is phishing?

  • Fake messages allegedly from the bank – Fraudsters can send you fake bank account statements, overdraft notices or loan cancellations. They may include our logo or even mimic our electronic mailers.
  • Your private information at risk – Fraudsters may ask you for your Digital Banking login credentials, one-time password or credit card number, by creating a webpage that looks like the official Online or Mobile Banking login pages or asking you sensitive questions. Malicious links or attachments are often included, designed to steal your information or infect your system.
  • Fake and unexpected prizes – Beware of unexpected prizes in fake lucky draws allegedly from us. Fraudsters may demand a token sum from you or insist you reveal your personal information in order to win.
  • Fake bank staff – Fraudsters may identify themselves as bank staff and ask you to provide personal particulars and financial information, or even perform transactions in the call.

Our top safety tips for you

  • Look carefully at the sender’s address for lookalike domains (e.g. john@standardchartd.com), and never respond to, click on hyperlinks or download attachments in unsolicited emails, messages or phone calls.
  • We would never ask you to provide your private information (e.g. your account and credit card numbers) and you should never reveal these details to anyone.
  • We would not include hyperlinks in our communications (e.g. SMS or email) requesting you to log in to Online or Mobile Banking. If you need to change your Digital Banking password, visit our Online Banking login webpage. Our official domains include sc.com, m.sc.com and retail.sc.com.
  • For mobile banking, update your SC Mobile app and phone’s OS regularly to ensure your security is always up to date.
  • We do not provide advice and recommendations on individual stocks through any communication channels, including phone calls and instant messaging apps (e.g. Whatsapp and WeChat). Be aware of possible ramp-and-dump scam.
  • We will send you an alert via SMS or email upon completion of each “card-not-present” credit card transaction. Please check upon receipt, and notify us immediately if there is any transaction in doubt.
  • Should you have any doubt about the identity of caller or the validity of the number they are using to contact you, please call our official hotline at (852) 2886-8868 for verification.

Back to top>>

Weak passwords

Why do I need a strong password?

Cyber criminals comb the internet and social media to find your personal information. So ensure you have a strong password to deter them. Weak passwords are uncomplicated and commonly used, for instance 12345678, or associated with your personal data, such as names or birthdays. As a matter of fact, it only takes a fraction of a millisecond to crack an uncomplicated 7-character password1.

How you can secure your personal information

  • Do not use the same password for multiple sites or accounts. Ensure the password used for your Standard Chartered banking account is unique from your online and social networking accounts.
  • Keep all passwords safe and confidential. Standard Chartered may verify the number of accounts you have, but we will never request your login credentials, whether by phone, email or text.
  • Strengthen your password by using a combination of upper and lower case characters, numbers and special characters. Likewise, a 12-character password is significantly stronger than 7 characters.
  • Memorise your banking password. Never write it down or store it on your devices. Additionally, make it a point to update your password regularly. Change the password immediately if you think it has been compromised.

1Web of Trust, Here’s How Long It Takes to Crack Your Password

Back to top>>

Mobile device threats

Why you need to secure your mobile device

Mobile devices are not immune to security threats. Installing a malicious app or clicking on a phishing link, for example, can provide cyber criminals with a back door to your mobile device and sensitive data.

Bank safely with us

Protect your phone and banking information by following these tips.

  • Download SC Mobile App from Google Play or the App Store or here. Never download the app from third-party or unknown sites.
  • Always log out from SC Mobile App after use, and never leave it running in the background especially after you have signed in.
  • Do not store your passwords, access codes or account numbers on your mobile phone. Cyber criminals can steal this information if your device is hacked or stolen.
  • Never use a ‘jailbroken’ (iOS) or ‘rooted’ (Android) device for your banking transactions. They make it easier for hackers to access and manipulate your phone’s operating system.
  • Malicious links or attachments in phishing messages are designed to steal your banking details or infect your mobile device. Never click on hyperlinks or download attachments in unsolicited emails or texts.
  • Ensure your phone’s operating system is updated regularly to fix any security gaps. Cyber criminals can exploit any software vulnerabilities to access your phone without your knowledge.

Back to top>>

Malware

What is malware?

Short for ‘malicious software’, malware is an intrusive programme installed on your computer or smartphone, often without your knowledge or permission. Once installed, it enables cyber criminals to commit fraud, like steal your banking credentials, run payment scams or hijack your system for a ransom.

Understand the common types of malware

  • Virus: infects files and software, and spreads to other computers in the network
  • Spyware: spies on your online activities and collects your information
  • Ransomware: encrypts information and keeps it from you, in exchange for money
  • Trojan: disguises itself as a legitimate software to modify, destroy or steal

Bank safely with us

Malware can come from various sources, like fake Standard Chartered assets; including websites or emails with attachments containing malware. You can protect yourself from malware by taking these precautions.

  • Never download files (including email attachments) without verifying that they are from a legitimate source. To access our banking services or resources, visit our website at https://www.sc.com/hk/.
  • Delete junk and chain emails. If you have opened one, do not click on any links or download any attachments. To change your Online Banking password, use our Online Banking login webpage. Never change it via any email links.
  • Install anti-virus and anti-malware protection on your devices. Enable the ‘automatic updates’ feature to ensure the software is able to detect and remove newer malware.
  • Never connect to unknown and unsecure Wi-Fi networks when carrying out online banking. If you are using your home network, ensure your router is secured.

Back to top>>

Social media threats

Security risks on social media

Cyber criminals often use social networks to gather your personal information. This helps them craft convincing phishing texts or emails, designed to steal your identity or takeover your social and banking accounts.

Practice safe social networking

  • Be mindful of what you are sharing online as some of this information can be used to steal your identity. This includes your date of birth, address or phone number.
  • Beware of cyber criminals who use a fake identity to start a relationship with you, this is known as catfishing. Their aim is to scam you of your money once they have earned your trust. Tell-tale signs include a reluctance to meet up in person or a lack of friends on their social networking account.
  • Keep potential fraud and spam out of your regular email inbox by creating a separate email account for social networking purposes. Never click on hyperlinks or download attachments in unsolicited emails.
  • Further protect your account by using a unique password for each of your social networking profiles. Ensure it doesn’t match the password used for your Standard Chartered bank account.
  • Keep your social networking accounts private and restrict them to friends and family only. This makes it harder for cyber criminals to monitor your online activities on these platforms.

Back to top>>

Don’t be a victim of cyber crimes and threats!

Looks suspicious? Make sure you reach out to us!

If you suspect any unauthorized access or transactions have been made to your account, please close the mobile app or web browser and contact us immediately at (852) 2886-8868 or visit any of our branches.

Remember, Standard Chartered will never request for your password or security information by phone call, email or SMS. Also, we would not include hyperlinks in our communications (e.g. SMS or email) requesting you to log in to Online or Mobile Banking.