DBS rolls out new anti-scam security measures to increase customer protection amid fast-evolving scam and fraud tactics

Enhanced measures to protect customers from falling prey to malware scams: The bank’s new anti-malware tool prevents scammers from fraudulently logging into customers’ digibank accounts by restricting access to the banking app when it detects potential security risks. When a customer logs into DBS/POSB digibank on his or her device, the tool will restrict access to the banking app if it detects a) the presence of malware or malicious applications, b) apps downloaded from unverified app stores (sideloaded apps) with accessibility permission enabled, or c) ongoing screen-sharing / mirroring on the device.^[1]Customers will not be able to access DBS/POSB digibank until they have taken the necessary steps to secure their phones. As with all the bank’s security features, customers can be assured that the new anti-malware capabilities do not monitor phone activity, nor do they collect or store any personal data.

Launch of Security Checkup dashboard: This is the latest addition to the bank’s arsenal of self-managed security controls, empowering customers to proactively safeguard themselves. Through this dashboard, customers can easily view and track key security settings within DBS/POSB digibank, and take the recommended actions to protect themselves from being scammed or defrauded. The Security Checkup dashboard serves to inculcate in customers the habit of regularly reviewing their security settings.

Among those who used Payment Controls:

Setting of monthly spending limits was the most popular among customers aged 25 and under, with this feature being used twice as many times compared to the other two features.

Disabling/enabling of cash advances was the most popular feature with customers aged 26 to 50 years old.

Disabling/enabling of cash advances and overseas in-store transactions were the two most popular features among customers aged above 50.

^[1] These measures will take effect progressively from September 2023APPENDIXSecurity Checkup strengthens customers’ account security in just one minuteSecurity Checkup prompts customers to:

(1) Update their personal details including contact information to ensure they never miss any important alerts from the bank. This offers an additional layer of protection against unauthorised transactions and potential fraud.

(2) Review their daily transfer limits to other local and overseas banking accounts.

(3) Take a quick quiz to ensure they are up to date with the latest scams and frauds, and tips on how to protect themselves.

Enhanced capabilities to deter customers from falling prey to malware scamsThe three different messages that a customer may see are:

(1) “Our anti-malware tool has detected apps that are potentially risky to digibank”

If customers see this message, it means that their mobile device contains apps that are not downloaded from official app stores (sideloaded) and has accessibility permission enabled. This may give scammers control of their device.

To restore access, customers will need to either uninstall the app(s) listed in the pop-message, or disable the accessibility permission of the listed app(s) via the Settings menu on their device if they trust that the app(s) is safe.

Once customers have taken the above step, access will be automatically restored.

(2) “Secure this mobile device to continue banking”

If customers see this message, it means that their device is likely infected with known malware applications or is jailbroken or rooted. They may have downloaded malicious apps via links in text messages, social media or third-party websites instead of official sources like the Google Play or Apple App Store.

To remove malware on the device, customers should take the steps below as advised by the Singapore Police Force and Cyber Security Agency of Singapore:

• Disconnect their mobile device from the internet. Turn off WiFi and mobile data, or turn on Airplane Mode or Safe Mode, so scammers cannot access the device through the malicious app.

• Go through their list of installed apps. Look for anything suspicious:

Apps not downloaded from the official app store
Apps they do not recognise or recall downloading
Suspicious apps with generic names, wrong spellings, or unauthorised app store icons

• Delete such apps from the mobile device.

• Once customers have taken the above step, access will be automatically restored.

If their device is jailbroken / rooted, they should restore the device to its factory setting so they can safely access digibank again.

(3) “Our anti-malware tool has detected potentially unauthorised screen-sharing on your device”

If customers see this message, it means that screen-sharing or mirroring is taking place on their device. This can be indicative of a malware attack. To safeguard their banking account, access to digibank will be restricted while screen-sharing or mirroring is going on.

• If the customer is doing screen-sharing (example: CarPlay): Access to digibank will be automatically restored once screen-sharing has stopped.

• If the customer is not doing any screen-sharing: This may be a sign of an ongoing malware attack. The customer should immediately call our 24-hour fraud hotline at 1800 339 6963 from Singapore or (65) 6339 6963 from Overseas

[END]About DBSWorld’s Best BankWorld’s Best BankGlobal Bank of the YearWorld’s Best Digital BankMost Innovative in Digital BankingSafest Bank in Asiawww.dbs.com