Standard Chartered is committed to protecting you, your money, and your important personal information.

 

| Malware Alert |

Malware is designed to steal user information by altering the look and feel of the Bank's website. Recently, we have discovered a new malware program called "SpyEye" which targets Online Banking users' transactions, specifically with regard to beneficiary addition.

Q1. How do I know if my computer is infected with malware?

If your computer has been infected with malware, you will be prompted to enter your username, password and temporary password or One Time Password (OTP), which is a random unique code that is sent on your bank registered mobile number, all at once in one screen. The correct login method does not ask you to enter any OTP or temporary password on simple login.

OTP/temporary password/SMS Passcode is only needed while adding a beneficiary/bill payee or while updating your mailing address or changing your daily online banking transaction limits.

If your computer has been infected with the "SpyEye" malware, you will also be prompted for entering the OTP/temporary password/SMS Passcode, along with username & password, and then redirected to a page stating "We are checking your security settings. Every step can take 1-10 minutes. Please be patient and don't close or reload the page while we are checking the information".

The flow may not be exactly the same, in case of a malware infection, but it will not be the normal procedure followed by Online Banking.

Q2. What should I do if my screen shows the above?

If you encounter a message similar to the above, your computer is likely to be infected with the "SpyEye" malware. You are advised to close your browser immediately and inform the Bank through our 24-hour Phone Banking Service Line on 111-002-002. You are also advised to refrain from using this computer for Online Banking until it has been checked and cleared of the malware.

Q3. What should I do to keep my information safe online?

  1. Check that your antivirus software is up to date.
  2. Ensure that the One Time Password (OTP)/Temporary Password/SMS Passcode SMS messages reflect your Online Banking transaction requests. For example, if you receive an OTP message for a beneficiary addition or funds transfer that contains an account number that you do not know, do NOT enter it into the Online Banking and instead inform the Bank immediately.
  3. For your security, do not click on links from emails, install any programs from doubtful origins or perform online transactions on computers that you suspect are compromised.
  4. Always access our Online Banking service by typing in the correct URL (http://www.standardchartered.com.pk).

For more information

To find out more about Online Banking security measures to help keep your financial information safe and secure, please click here.

We will never ask for your Online Banking Password or One Time Password (OTP)/Temporary Password/SMS Passcode, in an email or over the phone. If you suspect that your computer or your bank accounts have been compromised while banking online with us, please contact us on 111-002-002 immediately.

Note: Standard Chartered is not the source of this malware and our Online Banking remains secure.

Back to top

 

I Phishing Alert I

We have been advised that fraudulent emails from persons/entities claiming to be from Standard Chartered Bank have been sent to some customers. These emails have requested that customers provide personal information relating to their Online Banking relationship with Standard Chartered Bank. Phishing is a common internet scam where an email disguised to be from legitimate businesses is sent to recipients tricking them into sending their confidential data.

For example such an email may tell customer that their Online Banking account has been disabled due to some security concerns and that customer should click on the link provided on the email or provide their personal information so that a representative of Standard Chartered Bank can contact the customer by phone or email to verify their details to re-enable their accounts.

Our procedures rank among the best when communicating with our customers. Whether by email or other form of telecommunication, representatives of Standard Chartered Bank would not ask you to provide your Online Banking identifiers like Online Banking password and/or PIN, etc. Any request that seeks this information is not from Standard Chartered Bank and should be reported to the proper authorities. As a matter of policy, Standard Chartered Bank follows strict guidelines including procedures to protect customer data and to prevent unauthorized disclosure.

 

Important points to note:

  1. Please do not enter your user ID and password on any other site other than www.standardchartered.com.pk
  2. To ensure that you are visiting the legitimate Standard Chartered website, always go to the browser and type in www.standardchartered.com.pk and then click on Online Banking and login.
  3. Never click on links provided in such emails that may contain malicious contents.

If you do receive a suspicious email, please contact Standard Chartered Bank by forwarding the suspicious email to group.webmaster@standardchartered.com.

To find out more about online banking security measures to help keep your financial information safe and secure, please go to the Online Banking section on the standard chartered website at www.standardchartered.com and click on the "Security Tips" in the Online Banking page.

Back to top

 

I Important Security Tips I

Type your internet banking URL

Always access our internet banking by typing the correct URL (http://www.standardchartered.com) into your browser. Never click on a link in an email to take you to a website, or enter personal details either in the email or website.

PC security

It is important to use up-to-date anti-virus software and a personal firewall. If your computer uses Microsoft Windows, it is important to keep it updated via the Windows Update feature, equally if you use another operating system you should check regularly for updates. You should be vigilant if you use internet cafes or a computer that is not your own and over which you have no control.

Check for spyware

In addition to being protected by using up-to-date antivirus software you should also regularly use software to remove spyware from you computer, as these programs record information about your internet use and transmit it without your permission. In some circumstances this can compromise your PC security.

If it sounds too good to be true...

It probably is. Don't be conned by convincing emails offering you the chance to make some easy money. As with most things, if it looks too good to be true, it probably is. Be cautious of unsolicited emails from overseas - it is much harder to prove legitimacy of the organisations behind the emails.

Keep your identity private offline

Your identity can be as easily stolen offline as it can online. It is important that you comply with instructions about destroying new PIN numbers and expired bank cards.

You should also consider using a crosscut shredder to destroy bank and other statements that may contain sensitive personal information. It is advisable to store retained documents in a suitable locked and fireproof container.

Ensure you log off properly

It is important to completely log off from your internet banking session; simply closing the window you performed the transaction in may not close the banking session. If your computer is infected with a Trojan, your session may become hijacked by a criminal and financial transactions may be performed without your knowledge. It is also advisable to disconnect from the internet if you are not planning to use it.

Back to top

 


© Standard Chartered Bank 2013.