Jun 03 2009

Beware of Fake Online Banking Sites

Published by lioninvestor at 1:43 pm under Scam
This post has 5 comments. Click here to leave a comment.

Our three local banks – DBS, UOB and OCBC have been the target of scammers/phishers recently.

Computer trojan programs installed into infected computers can trick users into revealing their internet banking passwords. 

The login page looks very similar to the actual one, except are a minor difference. 

Here’s how the fake DBS login page looks like:


Notice that you are prompted to enter your token pin on the first login page. The request for the token pin is usually done on the second page.

If you observe the url of the fake site, it is identical to the real one. Even users who bookmark the normal login page can be taken to a fake site if your computer is infected with the trojan.

Do update your anti-virus software carefully and if you detect anything suspicious, do not hesitate to contact your bank.

Related Posts
  • Share/Bookmark

5 responses so far

5 Responses to “Beware of Fake Online Banking Sites”

  1. # Ee Minon 03 Jun 2009 at 6:17 pm

    aiyo.. scammers are everywhere, plus virtual space. a good aV is eset NOD32. few pp hear of it, but my personal exp w/ it has shown to be very reliable agt flushing out virus/trojans/phishers etc.

    check out review @ http://www.av-comparatives.org :)

    Reply

  2. # Jasminon 04 Jun 2009 at 12:00 pm

    On a first glance, I did not know the difference between the real and fake login page!
    How terrible and careless am I !

    Reply

    lioninvestor Reply:
    June 4th, 2009 at 7:46 pm

    Hi Jasmin,

    If not for the warning, I think most people would have be taken in by the fake website..

    Reply

  3. # Jasminon 04 Jun 2009 at 7:59 pm

    Hi lioninvestor,
    The token generates a number only known to the person holding it at that moment. Even if the hacker got the username and password, the 3rd “blank” given by the token is hard to fill. Is this sufficient to prevent hacking?

    Have you any info on other fake banking websites such as OCBC or UOB?

    Thanks.

    Reply

    lioninvestor Reply:
    June 4th, 2009 at 8:32 pm

    Hi Jasmin,

    That is the purpose of the fake site. To bluff the user into entering the token as well.

    If you noticed, DBS now requires you to enter the token again when you are doing any fund transfer. So even if the scammers do manage to login, I doubt they can do the fund transfer.

    No, I don’t but according to the news, the fake page also requires user to give away the token on the first page.

    Reply

Trackback URI | Comments RSS

Leave a Reply