Security Alerts

It's also important that you, as an end-user, are aware of suspicious and fraudulent activities, intruders, viruses and malicious programmes.

Please read the following to learn how you can better protect yourself.

Security Alert: Social Networking Sites – Is it Safe?
30 July 2009

Facebook, Twitter, MySpace & LinkedIn are some examples of social networking sites.

Social networking sites are websites where people can get connected. Users from all over the world can link up with one another to exchange views, share photos, or just get updates about each other. Users can also form groups to discuss like-minded topics like fashion, food or shopping. A great deal of information is shared on these sites.



However, the openness of the internet is also a big security drawback. Users can use any name to register themselves, and there are no validation checks. Do you really know who you are communicating with? Is your friend called 'Alex Yeo' really the same 'Alex Yeo' you knew from your school days fifteen years ago? Are you certain it is not someone pretending to be your friend in order to gather information about you and your family? Any information you have on the site could be exposed if you set it to be accessible by everyone.

The popularity of these sites with users also makes them a haven for internet hackers. Social networking sites have been used to distribute viruses which infect computers, or send mass mails to contact lists of infected users. Unsuspecting users could also be lured into vice activities through such sites. There has been a marked increase in the number of such attacks originating from such sites.

In order to protect yourself and your loved ones, here are some tips you can follow:

What you should do
Never put anything on your social networking profile that you wouldn't want to be shared as common knowledge. Do not reveal sensitive contact information (NRIC, address or contact numbers). Never enter your password or account number unless you have verified the site is authentic. Ensure your information is only visible to your friends – this can usually be restricted under the settings for the website.

Do not click on website links sent to your via emails. You should manually type the website address. Links may bring you to a bogus site which is made to look like the actual site – this is known as a phishing website.

Change your password regularly - If you suspect your account has been compromised, immediately change the password and report the incident to the social networking site administrator.

Monitor your email account - Individuals who experience identity theft may start receiving a large amount of unsolicited emails, or discover that the people who appear on their "friends" list are receiving e-mails with inappropriate content.

Do not download or install any software from unknown sources. Additional software that is intended for malicious purposes could be downloaded together with the software you require, and could possibly infect your computer; or gather and send out information without your knowledge.

Install a reputable software security suite - having a regularly updated anti-virus and firewall software will dramatically reduce the risk of becoming a victim of malware attacks.

We wish to remind you that UOB will never request customers to provide, update or verify account or card information via email.

If you encounter any suspicious online activity in relation to your account(s), please notify us immediately at 1800 222 2121.



Phishing Alert
12 June 2009

Please be informed that a fraudulent email, disguised as an official email from UOB Singapore, is in circulation. This email attempts to inform the reader about a previous request for login details. This is a sample of what the bogus email may look like:

(Note: sensitive information has been masked out)

What should you do?
Ignore and do not reply to the email.

We wish to highlight that UOB will never send emails to customers providing or requesting personal information such as your Username, Password and One-Time Password (OTP).

If you encounter any suspicious online activity in relation to your account(s), please notify us immediately at 1800 222 2121.



Security Alert: Beware of New Trojan Horse virus
21 May 2009

There is a new Trojan Horse virus that can steal your Internet Banking login information - User ID, password and one-time password - even before the software browser can encrypt and protect your information.

It then sends your personal information to the culprit behind the virus, who then uses your personal information to login to your account and make unauthorized funds transfers within a short period of time.

How to spot the virus
When a customer attempts to log in to the Bank’s Internet Banking webpage on a computer infected with the Trojan Horse virus, the browser will appear to hang. The customer will then be prompted to re-enter his or her login information multiple times. The Trojan Horse virus will capture the information and send it to the culprit.

What you should do
Ensure that your anti-virus software is updated regularly with the latest virus signature. You may wish to consult your vendor on how to do so. If you suspect that your computer might be infected, please do a full scan of your computer with your anti-virus software to remove the Trojan Horse virus.

If you encounter any suspicious online activity in relation to your account(s), please notify us immediately at 1800 222 2121.

Security Alert on latest Trojan Horse virus in circulation
10 Nov 2008
It has come to our attention that a Trojan Horse virus currently in circulation is requesting for sensitive account information such as credit card details. If you encounter a pop-up webpage requesting for such information, please do NOT respond. This is a sample of what the webpage may look like:



We wish to remind you that UOB will never request customers to provide, update or verify account or card information online or via email.

What should you do?

	Please ensure that your anti-virus software is updated regularly with the latest virus database. You may consult your vendor on how to do so. If you have previously encountered the abovementioned webpage, do a full scan of your computer with your anti-virus software to have the Trojan Horse programs removed.

One Time Password Phone Scam
4 Jul 2008
Please note that we have received reports that there is currently a SMS/Phone scam to transfer funds via Internet Banking. The perpetrator would contact the victims via mobile phone informing the victims that they had won vouchers from well-known regional organisations. In order to receive their prize, the victim would need to apply for Internet Banking access via ATM machines. The perpetrator would then coach the victims to enter a default static password and to enter the perpetrator's mobile number to receive SMS-OTP.

With knowledge of the above Internet Banking ID and static password, the perpetrator would then go online to perform Funds Transfer or Telegraphic Transfers out of the victim's account to accounts maintained with a foreign bank.

Customers should be aware that the mobile phone number used for SMS-OTP must be their own and should not belong to an unknown third-party. Also, customers should not disclose their banking information (such as PIN) to unknown persons. When in doubt, always contact the Bank for verification. Consumers are also advised to check their statement of account promptly and immediately notify the Bank of any discrepancies.

Fraudulent letter purportedly originating from UOB Venture Management (UOBVM) in circulation
4 Feb 2008
It has been brought to our attention that a certain Introduction Letter purportedly originating from UOBVM is soliciting interest for pre-IPO shares in a US Company. We wish to inform that UOBVM is currently not soliciting interest for any direct investments in companies (e.g. pre-IPO shares in US companies). If you are approached by certain persons claiming to be employees of UOBVM and soliciting interest, please inform UOBVM at 65 6539 3044 or email info@uobvm.com.sg.


Lucky Draw Scam
27 Jul 2007
It has come to our attention that there have been reported incidents of a Lucky Draw scam where customers were contacted by a company known as "Hong Kong Bao Lung" and told that they had won a prize in a lucky draw (supposedly held in association with UOB Hong Kong). They would then solicit personal information like Name, Identification Card number and Bank account numbers.

We would like to alert our customers that UOB does not have any relationship nor is in any way associated with "Hong Kong Bao Lung".


Phishing Alert
27 Jul 2007
It has come to our attention that there is an email claiming to originate from UOB Singapore (onlinesecurity@uobgroup.com) that is in circulation. The email invites the reader to click on a link and attempts to solicit personal and sensitive information (for example Username, Password and One-Time Password) from the reader via a bogus UOB website. This is a sample of what the suspicious email may look like:


(Note: the URL has been masked out)

What should you do?
Ignore the email and do not click on the links provided in the email.

We wish to highlight the fact that UOB will never send emails to customers requesting for personal information.

If you wish to access a website belonging to UOB or its subsidiaries or associates, always personally and directly enter the relevant website address in the browser address bar. Do not login via any hyperlink within emails. 

If you require further assistance, please contact us at 1800 226 6121.


Security Alert on latest Trojan Horse virus in circulation
7 May 2007
It has come to our attention that a Trojan Horse virus currently in circulation is requesting for sensitive account information such as credit card details. If you encounter a pop-up webpage requesting for such information, please do NOT respond. This is a sample of what the webpage may look like:


(Note: the URL has been masked out)

We wish to remind you that UOB will never request customers to provide, update or verify account or card information online or via email.

What should you do?
Please ensure that your anti-virus software is updated regularly with the latest virus database. You may consult your vendor on how to do so. If you have previously encountered the abovementioned webpage, do a full scan of your computer with your anti-virus software to have the Trojan Horse programs removed.

If you encounter any suspicious online activity in relation to your account(s), please
notify us immediately at, please contact us at 1800 226 6121.

Phishing Alert
22 Jan 2007
Please be informed that there is an email claiming to originate from UOB Singapore that is in circulation. The email invites the reader to click on a link and attempts to solicit personal and sensitive information from the reader via a bogus UOB website. This is a sample of what the suspicious email may look like:


(Note: the URL has been masked out)

What should you do?
Ignore the email and do not click on the links provided in the email.

We wish to highlight the fact that UOB will never send emails to customers requesting for personal information.

If you wish to access a website belonging to UOB or its subsidiaries or associates, always personally and directly enter the relevant website address in the browser address bar. Do not login via any hyperlink within emails. 

If you require further assistance, please contact us at 1800 222 2121 or +65 6222 121 when calling from overseas.


Security Tips when using ATMs
20 Oct 2006
There has been an increasing number of ATM card skimming cases reported around the world with intermittent incidents occurring across Asia. To reinforce ATM security for our customers, we will be progressively installing Fraudulent Device Inhibitors (FDIs) on the card insertion slot at UOB ATMs. The FDI prevents would-be fraudsters from placing a skimming device over the ATM card insertion slot.
To ensure your ATM banking transactions are secure, we would like to draw your attention to the following security tips:

• This is how the UOB ATM card insertion slot looks like:
  Without Fraudulent Device Inhibitor     With Fraudulent Device Inhibitor
  

• Beware of any foreign object/device attached to the ATM machine that makes it look unusual.
• If you notice anything that seems unusual or suspicious about the ATM machine, do not use it. Please call us at 1800 222 2121 to clarify immediately.
• Do not enter your Personal Identification Number (PIN) when someone else can see you keying it in.
• Change your PIN immediately if you suspect that it has been exposed to others.
• Always protect your PIN.
  • Do not write the number down
  • Cover the keypad while you enter the number
  • Do not give the number out to anyone
• Be wary of any offers to ‘help’ with your ATM transaction.
• Call us right away at 1800 222 2121 if your ATM card is lost or stolen.

UOB’s ATM network is very secure and robust. They are checked regularly to ensure that customers can safely perform their transactions. Thank you for using UOB ATM banking services.

Phishing Alert
27 Nov 2006
Another email purporting to originate from UOB Singapore (service@uob.com.sg ) is in circulation. The email invites the reader to click on a link and attempts to solicit personal and sensitive information from the reader via a bogus UOB website. This is a sample of what the suspicious email may look like:



What should you do?
Ignore the email and do not click on the links provided in the email.

We wish to highlight the fact that UOB will never send emails to customers requesting for personal information.

If you wish to access a website belonging to UOB or its subsidiaries or associates, always personally and directly enter the relevant website address in the browser address bar. Do not login via any hyperlink within emails. 

If you require further assistance, please contact us at 1800 222 2121 or +65 6222 2121 when calling from overseas.


A phishing scam was recently reported in Singapore.
12 Jul 2006
Please beware of phishing emails and websites purporting to be from banks that request recipients to "update or validate" their sensitive login and account information. These emails and websites may use false email addresses, logos and graphics to mislead customers into accepting their validity or may use fake domain names so as to appear genuine. Fraudsters use the collected information for financial gain or identity theft. This is known as 'phishing'. We therefore urge you to read and observe our recommended safe online banking practices. You may also wish to read the consumer alert "Phishing - How To Avoid Becoming A Victim", published by the Monetary Authority of Singapore as part of the MoneySENSE national financial education programme.

We wish to highlight the fact that UOB will never send emails to customers requesting for personal information.

If you wish to access a website belonging to UOB or its subsidiaries or associates, always personally and directly enter the relevant website address in the browser address bar. Do not login via any hyperlink within emails. 

A list of the relevant website addresses is provided for your reference. If you encounter suspicious email or fraudulent websites passing off as websites of UOB or its subsidiaries or associates, please notify us immediately at 1800 222 2121 or email us.

Fraudulent Email Alert
22 May 2006
Recently, emails by fraudsters, claiming to be external auditors for the Bank, have been in circulation. These fraudulent emails name potential victims as beneficiaries of deceased account holders and request for contact details. If the victim responds, the fraudsters will then request for funds as an advanced "legal fee" for preparing the necessary documents in order to claim that estate.

Please be warned that these emails are not issued by UOB, its employees, or its external auditors.

The Singapore Police Force has already been informed and is investigating the matter. If you receive any suspicious email, please notify us immediately at 1800 222 2121, (65) 6222 21214(when calling us from overseas) or email us.


Spyware Alert
9 Dec 2005
Spyware is an unwanted computer software program that collects information about a computer user. Spyware programs range from annoying to the dangerous, including keyboard loggers and screen capture applications that can steal passwords and other sensitive information such as account and credit card numbers. The information is then relayed to a person or organisation who uses it for financial gain or theft, usually without the consent or knowledge of the user.

Spyware programs are sometimes bundled with shareware or freeware programs that are downloaded from the Internet. Such software may redirect your Internet session through their server. You know you have spyware on your computer if:

• You see pop-up advertisements even when you're not connected to the Internet.
• The page your Web browser first opens to (your home page); or your browser search settings have changed without your knowledge.
• You notice a new toolbar in your browser that you didn't want, and find it difficult to get rid of.
• Your computer takes longer than usual to complete certain tasks.
• You experience a sudden rise in computer crashes.
  

To prevent spyware installation:

• Do not download software from unknown websites.
• Install anti-spyware software.
• Update your anti-virus software regularly with the latest anti-virus signatures.
• Disconnect from the Internet when you have finished surfing or working.
  
• You should also change your Internet Banking password regularly to protect your personal data, and notify us immediately if you suspect that your password has been stolen or hijacked.

As a precautionary measure, UOB has been taking steps to block traffic to uobgroup.com that has passed through redirector/spyware services. If you have, at any time, been denied access to our website, you may be running redirector/spyware software on your computer. In such cases, you may wish to seek professional IT advice or uninstall such software.