Security Alerts & News

Malware Alert

Date: 8 Dec 2016
Threat Type: Malware (Trickbot)
Alert Level: Amber
Criticality: Low

Description: We have discovered variants of Trickbot malware that may affect users of the DBS Internet Banking and DBS Ideal website. This malware is spread through phishing emails with malicious attachments or through malicious online advertisements. When the said malicious attachment or online advertisement is opened or viewed, the malware infects the customers’ computers or devices.

Once customers’ computers or devices are infected, the malware will attempt to steal the customers’ login and authorisation credentials such as User ID, PIN, DBS iB Secure PIN, SMS OTP. If you see any suspicious requests for information from the DBS portal, your computer or device may be infected with this malware. You are advised not to proceed with any transactions until your computer or device has been checked and disinfected.

Customers are assured that the DBS Internet Banking and DBS IDEAL websites remain secure and are not the source of this malware.

Who might be at risk?
iBanking or IDEAL customers

How can you protect yourself from this?

  1. Be alert. Do not download or open attachments found in suspicious emails and do not reply to the suspicious sender.
  2. Protect your computer by using anti-virus and anti-spyware software that are set to perform automatic updates daily.
  3. Do not reveal or provide your iBanking/IDEAL username, password or token PIN to anyone.
Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you notice unknown transactions appearing on your account. Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.

Phishing Alert

Date: 21 November 2016
Threat Type: Phishing
Alert Level: Amber
Criticality: Low

Description: There’s a new phishing email targeting DBS customers, which contains a link to a phishing website posing as the DBS website. The email warns customers of supposedly locked out iBanking accounts, prompting the recipient to click on the link “to restore iBanking access” but actually redirects to the phishing site. Phishing sites like these are designed to steal credit card-related information, customer user IDs, PINs, one time PINs (such as iB Secure PIN) and other personal information that can also perform fraudulent transactions under the customer’s name.

If the customer falls victim to the phishing email and clicks on the link, he will be redirected to the phishing website below:

  • http://alexschultz.com/dbo/1/login.htm
Phishing email

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?

  1. Be alert. Always review the SMS alerts from DBS and call us immediately if you receive any suspicious SMS. Do not provide your user ID or PIN and other sensitive information if you did not initiate any activity.
  2. Always type in the URL of DBS website directly into the address bar of your browser.
  3. Check that you are using the official DBS / POSB website. To do this, go to the address bar of your web browser and look for the "padlock" icon. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.
Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you notice unknown transactions appearing on your account. Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.

Phishing Alert

Date: 18 November 2016
Threat Type: Phishing
Alert Level: Amber
Criticality: Low

Description: We have detected a phishing email targeting DBS customers, which contains a link to phishing websites posing as the DBS website. These phishing sites are designed to steal credit card-related information, customer user IDs, PINs, one time pins (such as iB Secure PIN) and other personal information that can also perform fraudulent transactions under the customer's name.

If the customer falls victim to the phishing email and clicks on the link, he will be redirected to any of the phishing websites below:

  • hXXp://www[.]coatofarmspost[.]com/pro/2/login.htm
  • hXXp://www[.]coatofarmspost[.]com/pro/11/login.htm
Phishing email

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?

  1. Be alert. Always review the SMS alerts from DBS and call us immediately if you receive any suspicious SMS. Do not provide your user ID or PIN and other sensitive information if you did not initiate any activity.
  2. Always type in the URL of DBS website directly into the address bar of your browser.
  3. Check that you are using the official DBS / POSB website. To do this, go to the address bar of your web browser and look for the "padlock" icon. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.
Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you notice unknown transactions appearing on your account. Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.

Phishing and Fake DBS Website Alert

Date: 16 November 2016
Threat Type: Phishing and Fake Website
Alert Level: Green
Criticality: Low

Description: There are fake websites found in the Internet (see screenshots below) pretending to be the DBS HK and DBS SG websites. The following websites are potential phishing sites - posing as the DBS website and are designed to steal customer IDs, Pins and one time passwords. The sites are spread through malicious or phishing emails sent to customers.

  • 'https://hk-dbs.asia/en/' (posing as DBS HK website)
  • "http://millenniumhomehealth.com/wp-includes/certificates/bundle.html" and "http://90recruits.com/wp-admin/maint/dbs/index.html" (posing as DBS SG website)
Malicious Email Alert

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
You are reminded to remain cautious when banking online:

  1. Always type in the URL of DBS website directly into the address bar of your browser.
  2. Check that you are using the official DBS / POSB iBanking site. To do this, go to the address bar of your web browser and look for the “padlock” icon. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.
  3. Never reply to unsolicited emails. Call us immediately at 1800 111 1111 (Personal Banking) or 1800 222 2222 (Business Banking), if you notice unknown transactions appearing on your account. Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.

Phishing and Fake DBS Website Alert

Date: 16 November 2016
Threat Type: Phishing and Fake Website
Alert Level: Green
Criticality: Low

Description: There are fake websites found in the Internet (see screenshots below) pretending to be the DBS HK and DBS SG websites. The following websites are potential phishing sites - posing as the DBS website and are designed to steal customer IDs, Pins and one time passwords. The sites are spread through malicious or phishing emails sent to customers.

  • 'https://hk-dbs.asia/en/' (posing as DBS HK website)
  • "http://millenniumhomehealth.com/wp-includes/certificates/bundle.html" and "http://90recruits.com/wp-admin/maint/dbs/index.html" (posing as DBS SG website)
Malicious Email Alert

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
You are reminded to remain cautious when banking online:

  1. Always type in the URL of DBS website directly into the address bar of your browser.
  2. Check that you are using the official DBS / POSB iBanking site. To do this, go to the address bar of your web browser and look for the “padlock” icon. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.
  3. Never reply to unsolicited emails. Call us immediately at 1800 111 1111 (Personal Banking) or 1800 222 2222 (Business Banking), if you notice unknown transactions appearing on your account. Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.

Phishing Alert

Date: 11 November 2016
Threat Type: Phishing
Alert Level: Amber
Criticality: Low

Description: We have detected a phishing email being sent to DBS customers claiming to be from DBS eAdvice (DBSeAdvice@dbs.com) which contains a link to phishing websites purporting to be Singnet’s website. This phishing site is designed to steal customer user IDs and password, and other personal information which can allow the phisher to perform fraudulent transactions under the customer's name.

Sample of the phishing email pretending to be sent from DBS.
Malicious Email Alert

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?

  1. Be alert. Always review the SMS alerts from DBS and call us immediately if you receive any suspicious SMS. Do not provide your user ID or PIN and other sensitive information if you did not initiate any activity.
  2. Do not provide your user ID and or pin or any sensitive information to unverified websites.
  3. Never reply to unsolicited emails. Call us immediately at 1800 111 1111 (Personal Banking) or 1800 222 2222 (Business Banking), if you notice unknown transactions appearing on your account. Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.

DBS Malicious Email Alert

Date: 30 June 2016
Threat Type: Malware/Phishing
Alert Level: Amber
Criticality: Low

Description: There is a malicious email campaign targeting DBS customers. The email is from a fake email account "DBSAdvice@dbs.com" and contains "Transaction Advice" as the subject. The email has a zip file attachment which contains a malware. When the said malicious attachment is opened, the malware infects the customers' computers or devices to steal the customers' login and authorisation credentials such as (User ID, PIN, DBS iB Secure PIN, SMS OTP and so on).

Sample of the phishing email pretending to be sent from DBS.
Malicious Email Alert

Who might be at risk?
iBanking or IDEAL customers

How can you protect yourself from this?

  1. Be alert. Do not download or open attachments found in suspicious emails and do not reply to the sender either.
  2. Protect your computer by using an anti-virus software and anti-spyware software that are set to perform automatic updates daily.
  3. Do not reveal or provide your iBanking/IDEAL username, password or token PIN to anyone.

Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you notice unknown transactions appearing on your account. Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.


Parcel Phone Scam Alert

Date: 1 June 2016
Threat Type: Phishing Calls

Description: A phishing campaign is targeting Singapore residents with automated phone calls. The calls start with an automated voice message in Mandarin, claiming to be a courier company and that their parcel had not been picked up. The call recipient is then directed to enter “0” or “9”. This connects them to a Mandarin-speaking person posing as a courier staff member who will claim that the parcel held contains prohibited items e.g. fake passports or weapons. The alleged staff member will request personal and/or bank information, or transfer the call to another person who will claim to be a customs or police officer. This person will in turn request personal and/or bank information or instruct the call recipient to remit money to an overseas bank account to avoid action from authorities.

Who might be at risk?
Customers with DBS accounts.

How can you protect yourself from this?

  1. Be alert. Do not provide personal or bank information or remit money based on the advice of unsolicited callers.
  2. Never give out any sensitive personal information (including login passwords or one-time passwords) over the phone or via email. Our staff will never ask you for such information.
  3. Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you receive such calls or have disclosed your personal or bank information to unsolicited callers.
  4. For more information on such scams, please visit the following links:

Phone Scam Alert

Date: 20 April 2016
Threat Type: Phishing Calls

Description: A phishing campaign is targeting Singapore residents with automated phone calls. The calls start with an automated voice message in English or Mandarin, claiming to be from DBS Bank and that an urgent message awaits them. The call recipient is then directed to enter “0” or “1”. This connects them to a Mandarin-speaking person posing as a DBS staff member who will claim there were credit cards applied for in their name and that they owe money to a Shanghai company. When the customer states they did not apply for the credit card, the alleged staff member will request personal and/or bank information, or transfer the call to another person who will claim to be a Shanghai police officer and request personal and/or bank information.

Who might be at risk?
Customers with DBS accounts.

How can you protect yourself from this?

  1. Be alert. Do not provide personal or bank information to unsolicited callers.
  2. Never give out any sensitive personal information (including login passwords or one-time passwords) over the phone or via email. Our staff will never ask you for such information.
  3. Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you receive such calls or have disclosed your personal or bank information to unsolicited callers.

Phishing Alert

Date: 25 February 2016
Threat Type: Phishing
Alert Level: Amber
Criticality: Low

Description: We have detected a phishing email targeting DBS customers, which contains a link to phishing websites posing as the DBS website. These phishing sites are designed to steal credit card-related information, customer user IDs, PINs, one time passwords and other personal information such as NRICs and mobile phone numbers and can also perform fraudulent transactions under the customer’s name.

If the customer falls victim to the phishing email and clicks on the link, he will be redirected to any of the phishing websites below:

  • http://mikromax.com.tr/ckfinder/core/db/index.htm
  • http://mikromax.com.tr/ckfinder/core/db2/index.htm
  • http://poppart.pl/ds/index.php
  • http://poppart.pl/ds/l/1.htm
  • http://poppart.pl/ds/l/2.htm
  • http://spojmontbrno.cz/kl/l/1.htm
  • http://spojmontbrno.cz/kl/l/2.htm
  • http://www.emailmeform.com/builder/form/fFfczr8b04E7Xsb7aYd

Malware Alert

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?

  1. Be alert. Always review the SMS alerts from DBS and call us immediately if you receive any suspicious SMS. Do not provide your user ID or PIN and other sensitive information if you did not initiate any activity.
  2. Always type in the URL of DBS website directly into the address bar of your browser.
  3. Check that you are using the official DBS / POSB website. To do this, go to the address bar of your web browser and look for the "padlock" icon. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.

Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you notice unknown transactions appearing on your account. Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.


Malware Alert

Date: 19 January 2016
Threat Type: Malware (Tinba)
Alert Level: Amber
Criticality: Low

Description: A malware campaign targeting banks in Asia called “Tinba” (or Tiny Banker, designed to steal banking credentials) has been recently discovered. Tinba is an online banking Trojan malware which targets retail and corporate accounts held with major banks, including banks in Singapore. It is spread primarily through malicious emails/advertisements using popular exploit kits such as Neutrino, Angler or Nuclear.

Once a customer's computer or device is infected with Tinba, it will attempt to steal his banking credentials (such as User ID, PIN, OTP from SMS or iB Secure Device, etc.) by altering the login flow of the internet banking site like DBS Internet Banking.

Here’s how the real DBS Internet Banking looks like as compared to how it will be, when used on a computer infected with Tinba:

Malware Alert

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
You are reminded to remain cautious when banking online:

  1. Do not enter any challenge code into your security device if you did not perform any financial transaction(s) in your account. Please note that during the login process, DBS will never ask for "Sign 1" of your iB Secure Device nor ask you to input a Challenge/Response.
  2. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  3. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.

Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:

  1. receive SMS or email for transactions that you did not perform or account number that you do not know
  2. experience difficulty accessing your account after you have entered your credentials or see repeated login pages asking for your login details
  3. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"

DBS Phishing Email Alert

Date: 12 November 2015
Threat Type: Phishing
Alert Level: Amber
Criticality: Low

Description: There is a phishing email targeting DBS customers which contains a link to the websites http://guhanka.esy.es/update_dbs/index.php or http://jobberlinkx.esy.es/update_dbs/index.html. These are phishing websites posing as a DBS website, designed to steal customer user IDs, PINs, one time passwords and other personal information such as NRICs and mobile phone numbers. These phishing websites can also perform fraudulent transactions under the customer’s name.

Who might be at risk?
iBanking or IDEAL customers

How can you protect yourself from this?

  1. Be alert. Always review the SMS alerts from DBS and call us immediately if you receive any suspicious SMS. Do not provide your user ID or PIN and other sensitive information if you did not initiate any activity.
  2. Always type in the URL of DBS website directly into the address bar of your browser.
  3. Check that you are using the official DBS / POSB website. To do this, go to the address bar of your web browser and look for the "padlock" icon. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.
  4. Call us immediately at 1800 222 2222 (Business Banking), if you notice unknown transactions appearing on your account.

Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.


Sample of the phishing email pretending to be sent from DBS.

Phishing


Sample of the phishing website.

Phishing


DBS Phishing SMS Alert

Date: 9 November 2015
Threat Type: Phishing
Alert Level: Green
Criticality: Low

Description: There is a fake SMS circulating on phone networks, pretending to be sent from DBS. The SMS contains a link to the website http://dbs-mobile.com. This is a phishing website posing as a DBS website, designed to steal customer organization IDs, user IDs, PINs, one time passwords and mobile phone numbers.

Who might be at risk?
iDEAL customers.

How can you protect yourself from this?

  1. Be alert. Always review the SMS alerts from DBS and call us immediately if you receive any suspicious SMS. Do not provide your user ID or PIN and other sensitive information if you did not initiate any activity.
  2. Always type in the URL of DBS website directly into the address bar of your browser.
  3. Check that you are using the official DBS / POSB website. To do this, go to the address bar of your web browser and look for the “padlock” icon. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.
  4. Call us immediately at 1800 222 2222 (Business Banking), if you notice unknown transactions appearing on your account.

Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.


Sample of the fake SMS pretending to be sent from DBS.

Phishing


Sample of the phishing website.

Phishing


Mobile Malware Alert

Date: 04 November 2015
Threat Type: Malware (GMBot)
Alert Level: Amber
Criticality: Low

Description: We've discovered a malware specific to mobile devices running on Android which may affect users of the DBS and POSB digibank application. This malware could be spread through malicious mobile applications ("apps") that are downloaded from unknown sources. When the victim downloads the malicious apps, the malware then gets loaded onto the victim's device.

How does this malware behave?

  1. Signs that the malware has infected a mobile device may include (but not limited to) the following:
    • the victim may potentially experience some unusual disruptions to his mobile device
    • a surge in unfamiliar screens popping up - either asking the victim to install unfamiliar apps or prompting him to grant special permissions to certain apps
    • device shutting down all of a sudden
  2. To infect the device, pop-up screens appear (see samples below), prompting the victim to install an application asking to "activate administrator privilege" or "allow access to" administrator-level permissions on the device. Examples of these permissions include "Read your text messages" (allowing the malware to steal SMS OTP) or "Draw over other apps" (allowing the malware to show a malicious overlay screen on top of legitimate applications). By doing so, the victim unknowingly allows the attacker to take over his device.

    Malware Alert

  3. Now that the attacker has taken over the victim's device, he can "draw over other apps" by creating a fake overlay screen on top of the running legitimate apps on the device. These fake overlays are used to steal the victims' information such as his mobile number. See sample screenshots below:

    Malware Alert

  4. Next, the attacker will inject a fake overlay login page of the mobile banking application on his device - such as DBS or POSB digibank app. This will allow him to capture the victim’s digibank app user ID and pin.

    Malware Alert

  5. With the mobile number, user ID and pin and SMS OTP, as well as other potential sensitive information captured, the attacker now has all the details he needs to perform unauthorised transactions and steal money from the customers’ account. He can even steal more information by injecting more fake overlays such as below, which is designed to steal credit card information.

    Malware Alert

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
You are assured that DBS and POSB digibank applications remain secure and are not the source of this malware. We also have multiple layers of security in place such as 2FA, OTP and mChallenge to protect your online banking transactions.

You are reminded to remain cautious when banking online:

  1. Be alert. Do not provide your user ID or pin and other sensitive information if you did not initiate any activity. Be cautious especially if a screen on your mobile device suddenly pops up and asks for your information, even if you did not open your applications or initiate any activity.
  2. Install the latest software updates on your mobile devices. When installing applications, be mindful of the permissions granted (i.e. think if the permissions are really necessary).
  3. Do not download or install any applications on your mobile device unless they are from authentic sources (Apple App Store or Google Play Store).
  4. Do not enter any challenge code into your security device if you did not perform any financial transaction(s) in your account. Please note that during the login process, DBS will never ask for "Sign 1" of your iBSecure Device nor ask you to input a Challenge/Response.
  5. Call us immediately at 1800 222 2222 (Business Banking), if you notice unknown transactions appearing on your account.

Malware Alert

Date: 23 September 2015
Threat Type: Malware
Alert Level: Amber
Criticality: Low

Description: We've discovered a malware spreading around which may affect users of the DBS IDEAL website. This malware could be spread through phishing emails with malicious attachment. When the said malicious attachment is opened, the malware infects the customers' computers or devices.

Once a customer's computer or device is infected, the malware will attempt to steal the customer's login and authorisation credentials (such as Organisation ID, User ID, PIN, Security Access Code, SMS OTP and Challenge/Response) by altering the flow of logging on to the DBS IDEAL website.

An example of the altered DBS IDEAL website may include a change in the login page which states that "our Bank is currently updating your company account info" and prompts for the customer to enter another user's ID and pin during his session. Below is a sample screenshot of the DBS IDEAL website after a computer or device has been infected with the malware.

Malware Alert

Who might be at risk?
Customers with IDEAL accounts

How can you protect yourself from this?
You are reminded to remain cautious when banking online:

  1. Be alert. Remember that DBS IDEAL never prompts for another user's ID or pin when you login. Do not download or open attachments found in suspicious emails and do not reply to the sender either.
  2. Always type in the URL of DBS website directly into the address bar of your browser.
  3. Do not reveal your IDEAL username, password or token PIN to anyone.
  4. Always protect your computer by using an anti-virus software and keep it updated with the latest anti-virus signatures.
  5. Call us immediately at 1800 222 2222 (Business Banking), if you notice unknown transactions appearing on your account.

DBS Malicious Email Alert

Date: 17 June 2015
Threat Type: Phishing
Alert Level: Amber
Criticality: Low

Description: There is a malicious email campaign targeting DBS customers. The email contains “Payment Advice” as the subject and informs customers that DBS has sent them a payment advice as requested. The email has a zip file attachment which contains a malware masquerading as a PDF file. When the said malicious attachment is opened, the malware infects the customers’ computers or devices to steal the customers’ login and authorisation credentials such as (User ID, PIN, DBS iB Secure PIN, SMS OTP and so on).

Who might be at risk?
Customers with iBanking/IDEAL accounts

How can you protect yourself from this?
You are reminded to remain cautious when banking online:

  1. Be alert. Do not download or open attachments found in suspicious emails and do not reply to the sender either.
  2. Always type in the URL of DBS website directly directly into the address bar of your browser.
  3. Do not reveal your iBanking/IDEAL username, password or token PIN to anyone.
  4. Always protect your computer by using an anti-virus software and keep it updated with the latest anti-virus signatures.
  5. Call us immediately at 1800 111 1111 (Personal Banking) or 1800 222 2222 (Business Banking), if you notice unknown transactions appearing on your account.

Fake DBS Website Alert

Date: 17 June 2015
Threat Type: Fake Website
Alert Level: Green
Criticality: Low

Description: There is a fake website found in the Internet (see screenshot below) which pretends to be the DBS website. The website ‘https://www.dbss.asia/index/’ is a potential phishing site - posing as the DBS website and is designed to steal customer IDs, Pins and one time passwords.

This website has been removed.

Fake DBS Website Alert

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
You are reminded to remain cautious when banking online:

  1. Always type in the URL of DBS website directly into the address bar of your browser.
  2. Check that you are using the official DBS / POSB iBanking site. To do this, go to the address bar of your web browser and look for the “padlock” icon. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.
  3. Be alert. Never reply to unsolicited emails Call us immediately at 1800 111 1111 (Personal Banking) or 1800 222 2222 (Business Banking), if you notice unknown transactions appearing on your account.

Malware Alert

Date: 2 Apr 2015
Threat Type: Malware (Dyre)
Alert Level: Amber
Criticality: Low

Description: We have discovered variants of Dyre malware that may affect users of the DBS Internet Banking website. This malware is spread through phishing emails with malicious attachment. When the said malicious attachment is opened, the malware infects the customers’ computers or devices.

Once customers’ computers or devices are infected, the malware will attempt to steal the customers’ login and authorisation credentials such as (User ID, PIN, DBS iB Secure PIN, SMS OTP and so on) by altering the flow of the DBS Internet Banking website. It will show a “Please Wait…” message and ask for the customer’s user ID, PIN and iB Secure PIN repeatedly.

Here are screenshots of the actual DBS Internet Banking website compared to what it will look like after a computer or device has been infected with this malware. The suspicious messages are highlighted in red.

Malware Alert

If you see any of the above changes while banking online with us, your computer or device may likely be infected with this malware. You are advised not to proceed with any transactions until your computer or device has been checked and disinfected. Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

Who might be at risk?
Customers iBanking accounts

How can you protect yourself from this?
Customers are reminded to remain cautious when banking online:

  1. Do not enter any challenge code into your security device if you did not perform any financial transaction(s) in your account. Please note that during the login process, DBS will never ask for "Sign 1" of your iBSecure Device nor ask you to input a Challenge/Response.
  2. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  3. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.

Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:

  1. receive SMS or email for transactions that you did not perform or account number that you do not know
  2. experience difficulty accessing your account after you have entered your credentials or see repeated login pages asking for your login details
  3. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"

"FREAK" Vulnerability Information

Date: 4 March 2015
Threat Type: Security Vulnerability
Alert Level: Amber
Criticality: Low

Description: A vulnerability known as “FREAK” has been discovered on OpenSSL implementations of SSL (Secure Socket Layer) and TLS (Transport Layer Security) which are used to encrypt communications between a website and a web browser (such as Internet Explorer, Safari) to keep the customer’s credentials and transactions secure. The vulnerability is present on websites that that use OpenSSL and accept weak encryption key length of 512 bits. When exploited, an attacker can break this weak encryption key which will allow him to steal secret information from web servers, such as the customer’s login credentials.

DBS/POSB iBanking and IDEAL do not use OpenSSL and RSA 512 bit encryption key and are not vulnerable to “FREAK”. You are assured that we have multiple layers of security in place such as 2FA for online banking transactions, to protect your online banking transactions.

However, it has also been reported that “FREAK” affects Apple’s Safari browser and Google’s Android browsers and could enable an attacker to spy on communications of users of these browsers. Both Apple and Google have since announced that a patch/software update is underway, to help mitigate this risk.

How can you protect yourself from this?
You are reminded to remain cautious when banking online:

  1. Update your web browser to the latest available patches and install the latest software updates on your mobile devices. Ensure that you download these updates from authentic and trusted sources such as Apple App Store or Google Play Store.
  2. Use different usernames and passwords for your online banking accounts from other non-banking related accounts and ensure that you change your passwords regularly.
  3. Do not reveal your iBanking/IDEAL username, password or token PIN to anyone.
  4. Always protect your computer by using an anti-virus software and keep it updated with the latest anti-virus signatures.
  5. Call us immediately at 1800 111 1111 (Personal Banking) or 1800 222 2200 (Business Banking), if you notice unknown transactions appearing on your account.

Malware Alert

Date: 12 Feb 2015
Threat Type: Malware (Dyre)
Alert Level: Amber
Criticality: Low

Description: We have discovered a variant of Dyre malware that may affect the legitimacy of the DBS IDEAL website. This malware is spread through phishing emails with malicious attachment. A sample of the phishing email is shown below. When the said malicious attachment is opened, the malware infects the customers’ computers or devices.

Once customers’ computers or devices are infected, the malware will attempt to steal the customers’ login and authorisation credentials (such as Organisation ID, User ID, PIN, Security Access Code, SMS OTP and Challenge/Response) by altering the flow of logging on to the DBS IDEAL website. After the first login page, it will show a different “Security Access Code” page followed by a message that says “We are currently processing your information, please wait....” which does not exist in the legitimate DBS IDEAL website.

Here are screenshots of the actual DBS IDEAL website compared to what it will look like after a computer or device has been infected with this malware. The suspicious messages are highlighted in red.

Malware Alert

Sample of the Phishing Email

Malware Alert

Who might be at risk?
Customers with IDEAL accounts

How can you protect yourself from this?
Customers are reminded to remain cautious when banking online:

  1. Do not enter any challenge code into your security device if you did not perform any financial transaction(s) in your account. Please note that during the log in process, you will never be asked to input a Challenge/Response.
  2. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  3. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
  4. Check your last login and transaction history regularly for any abnormal transactions.
  5. Please inform our contact centre at 1800 222 2200 immediately if you encounter any of the following situations:
    1. receive SMS or email for transactions that you did not perform or account number that you do not know
    2. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"

Customers are assured that the DBS IDEAL website remains secure and is not the source of this malware.


"POODLE" Vulnerability Information

Date: 16 October 2014
Threat Type: Security Vulnerability
Alert Level: Amber
Criticality: Low

Description: A vulnerability known as “POODLE” has been discovered on the SSL3 (Secure Sockets Layer v3) used by old versions of web browsers such as Internet Explorer 6 on Microsoft XP. SSL is used to establish an encrypted link between a website and a web browser (such as Internet Explorer) to keep the customer’s credentials and transactions secure. With the “POODLE” vulnerability present on SSL3, an attacker may be able to take control of the customer’s SSL channel which will then allow him to steal secret information such as account details.

How can you protect yourself from this?
At DBS, we are committed to developing web applications that provide optimal customer experience with modern and latest browsers. DBS/POSB iBanking and IDEAL websites also have layered security controls such as 2FA, OTP, and mChallenge that keep online banking transactions secure. For added security, we will also discontinue support for the now insecure SSL3 encryption protocol from 7 November 2014. This means that DBS iBanking including selected features on the DBS website will no longer be accessible by older version browsers such as Internet Explorer 6 on Windows XP.

  • Customers are urged to visit the links below to download and install the latest version of popular web browsers:
  • Change your passwords regularly.
  • Keep your iBanking/IDEAL username, password or token PIN private
  • Call us immediately at 1800 111 1111 (Personal Banking) or 1800 222 2200 (Business Banking), if you notice unknown transactions appearing on your account.

DBS Phishing Site Alert

Date: 9 October 2014
Threat Type: Phishing
Alert Level: Amber
Criticality: Medium

Description: There is a DBS phishing site found on the Internet which pretends to be the DBS Internet Banking website. The website http://www.prestasibimbel.com is a phishing site posing as the DBS Internet Banking website, designed to steal customer IDs, PINs and one time passwords.

Who might be at risk?
Customers with iBanking account

How can you protect yourself from this?
  • Call us immediately at 1800 111 1111 (Personal Banking) if you notice unknown transactions appearing on your account.
  • Always review the SMS alerts from DBS and call us immediately if you receive any suspicious SMS.
  • DBS will never ask you for your PIN number, via email or phone.
  • Always type in the URL of DBS website directly into the address bar of your browser.

Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.


DBS Phishing Email Alert

Date: 6 October 2014
Threat Type: Phishing
Alert Level: Amber
Criticality: Medium

Description: An ongoing phishing campaign is targeting DBS customers. In this campaign, an email will be sent to DBS customers, informing them that an enhanced account security management system has been installed and it urges customers to activate this feature by clicking on an URL inside that email; otherwise the account will be temporarily locked.

This URL brings customers to a phishing website designed to steal customer IDs, passwords, credit card details and contact information. A sample of the phishing email and website is provided for reference below.

Who might be at risk?
Customers with iBanking/IDEAL account

How can you protect yourself from this?
Customers are reminded to refrain from providing any confidential information. Remember,

  • Do not download or open attachments in suspicious emails.
  • Never reply to unsolicited emails.
  • Never reply to unsolicited emails.
  • Always type in the URL of the DBS Internet Banking website directly into the address bar of your browser, and check that the website you are accessing is the valid DBS Internet Banking website:
    • DBS iBanking - https://internet-banking.dbs.com.sg
    • DBS iDEAL - https://ideal.dbs.com
  • Call us immediately at 1800 111 1111 (Personal Banking) or 1800 222 2200 (Business Banking), if you notice unknown transactions appearing on your account.
  • Always review the SMS alerts from DBS and call us immediately if you receive any suspicious SMS.
  • Always protect your computer by using an anti-virus software and keep it updated with the latest anti-virus signature.

Sample of the Phishing Website


Heartbleed Vulnerability Information

Date: 14 April 2014
Threat Type: Security Bug
Alert Level: Green
Criticality: Low

Description: A vulnerability known as the Heartbleed bug has been discovered on OpenSSL implementations of SSL and TLS, which is used to encrypt communications between computers and web servers. This vulnerability allows attackers to obtain secret information such as credentials from web servers.

DBS/POSB iBanking and IDEAL do not use OpenSSL and are not vulnerable to Heartbleed. We have multiple layers of security in place to protect our customers such as 2FA for online banking transactions.

Who might be at risk?
Customers with iBanking/IDEAL accounts

How can you protect yourself from this?

  • Use different usernames and passwords for your online banking accounts from other non-banking related accounts.
  • Change your passwords regularly.
  • Do not reveal your iBanking/IDEAL username, password or token PIN to anyone.
  • Call us immediately at 1800 111 1111 (Personal Banking) or 1800 222 2200 (Business Banking), if you notice unknown transactions appearing on your account.
  • Always protect your computer by using an anti-virus software and keep it updated with the latest anti-virus signatures.

 


DBS Malicious Email Alert

Date: 25 March 2014
Threat Type: Phishing
Alert Level: Amber
Criticality: Low

Description: There is a malicious email campaign targeting DBS customers. The email contains “Payment Advice” as the subject and informs customers that DBS has sent them a payment advice as requested. The email has a zip file attachment which contains a malware masquerading as a PDF file.

A sample of the email is provided for reference.

Who might be at risk?
Customers with iBanking/IDEAL accounts

How can you protect yourself from this?
Customers are reminded to be exercise caution when receiving suspicious emails. Remember,

  • Do not download or open attachments in suspicious emails.
  • Never reply to unsolicited emails.
  • Always type in the URL of the DBS Internet Banking website directly into the address bar of your browser, and check that the website you are accessing is the valid DBS Internet Banking website:
  • Call us immediately at 1800 111 1111 (Personal Banking) or 1800 222 2200 (Business Banking), if you notice unknown transactions appearing on your account.
  • Always review the SMS alerts from DBS and call us immediately if you receive any suspicious SMS.
  • Always protect your computer by using an anti-virus software and keep it updated with the latest anti-virus signature.

 

Sample of the Malicious Email

 


 

POSB Phishing Site Alert

Date: 10 January 2014
Threat Type: Phishing
Alert Level: Green
Criticality: Low

Description: There is a POSB phishing site found on the Internet which pretends to be the POSB Internet Banking website. The website http://home.e-posbsg.com/index/personal/Pages/default.html is a phishing site posing as the POSB Internet Banking website, designed to steal customer IDs, Pins and one time passwords. The website has since been removed.

Who might be at risk?
Customers with iBanking account

How can you protect yourself from this?
Customers are reminded to refrain from providing any confidential information. Remember,

  • POSB will never ask you for your PIN number, via email or phone.
  • Always type in the URL of POSB website directly into the address bar of your browser.
  • Verify that the iBanking site you are visiting is legitimate. To do this, go to the address bar of your web browser and look for the “padlock” icon found at the right side. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.
  • Alert us immediately, if you notice unknown transactions appearing on your account.
  • Never reply to unsolicited emails.
  • Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.

 


DBS Phishing Site Alert

Date: 30 July 2013
Threat Type: Phishing
Alert Level: Red
Criticality: High

Description: An ongoing phishing campaign is targeting DBS customers. In this campaign, an email will be sent to DBS customers, informing them that the DBS internet banking system will be upgraded and that they should click on a URL inside the email. This URL brings customers to a phishing website which pretends to be the DBS Internet Banking website, designed to steal customer IDs, PINs, one-time passwords and contact information. Customers may also receive a call from someone pretending to be from DBS, and requesting for your iB Secure PIN or informing you of cancelling/stopping transactions which you actually did not perform. The phishing websites may be using various different URLs; examples are provided below.

  • http://www.theheatstore.nl/catalog/admin/Update/index.php
  • http://96.127.154.90/~kctasman/Update/index.php
  • http://villagebeads.co.nz/Update/index.php
  • http://www.arkmodel.com/DBS/
  • http://www.swordexperts.com/DBS/

The websites have since been removed but the phishing emails might still be circulating. Samples of the phishing email and the phishing website are provided below, for reference.

Who might be at risk?
Customers with iBanking/IDEAL accounts

How can you protect yourself from this?
Customers are reminded to refrain from providing any confidential information. Remember,

  • DBS staff will NEVER ask you for confidential information via email or phone, for example:
    • PIN or iB Secure PIN;
    • Token PIN; and
    • One Time Password or Challenge and Response Codes.
  • Always type in the URL of the DBS Internet Banking website directly into the address bar of your browser, and check that the website you are accessing is the valid DBS Internet Banking website:
    • DBS iBanking - https://internet-banking.dbs.com.sg
    • DBS iDEAL - https://ideal.dbs.com
  • Verify that the iBanking site you are visiting is legitimate. To do this, go to the address bar of your web browser and look for the “padlock” icon found at the right side. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.
  • Always review the SMS alerts from DBS and call us immediately at 1800 111 1111 (Personal Banking) or 1800 222 2200 (Business Banking), if you receive any suspicious SMS or notice unknown transactions appearing on your account.
  • Never reply to unsolicited emails.
  • Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on. It is also prudent to install the latest released anti-virus signatures and operating system/internet browser security updates.

Sample of the Phishing Email



Sample of the Phishing Website


DBS Phishing Site Alert

Date: 24 July 2013
Threat Type: Phishing
Alert Level: Green
Criticality: Low

Description: There is a DBS phishing site found on the Internet which pretends to be the DBS Internet Banking website. The website http://terceirotempo.bol.uol.com.br/img/times/Welcome.html is a phishing site posing as the DBS Internet Banking website, designed to steal customer IDs, Pins and one time passwords. The website has been removed.

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
Customers are reminded to refrain from providing any confidential information. Remember,

  • Always type in the URL of DBS website directly into the address bar of your browser.
  • Verify that the iBanking site you are visiting is legitimate. To do this, go to the address bar of your web browser and look for the “padlock” icon found at the right side. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.
  • Alert us immediately, if you notice unknown transactions appearing on your account.
  • Never reply to unsolicited emails.
  • DBS will never ask you for your PIN number, via email or phone.
  • Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.

 


Malware Alert

Date: 13 Jun 2013
Threat Type: Malware (Zbot)
Alert Level: Amber
Criticality: Low

Description: We have discovered a variant of Zbot malware that may affect users of the DBS Internet Banking website. This malware infects customers’ computers or devices. Once customers’ computers or devices are infected, it will show a “Security challenge” message that is not part of the DBS Internet Banking website. Here is a screenshot of what the DBS Internet Banking website will look like after a computer or device has been infected with this malware. The suspicious message is circled in red.

If you see any of the above messages while banking online with us, your computer or device may likely be infected with this malware. You are advised not to proceed with any transactions until your computer or device has been checked and disinfected.

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
Customers are reminded to remain cautious when banking online:

  1. DBS will never ask for "Sign 1" of the iBSecure Device during login.
  2. Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account.
  3. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  4. Check your last login and transaction history regularly for any abnormal transactions.
  5. Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:
    1. Receive SMS or email for transactions that you did not perform or account number that you do not know
    2. Experience difficulty accessing your account after you have entered your credentials or see repeated login pages asking for your login details
    3. See unfamiliar banking processes/messages such as “Security challenge such as the above screenshots
  6. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.

Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.


Malware Alert

Date: 17 Apr 2013
Threat Type: Malware
Alert Level: Amber
Criticality: Low

Description:We have discovered a malware that may affect users of the DBS Internet Banking website. This malware infects customers’ workstations or devices. Once customers’ workstations/devices are infected, it is designed to steal customers’ information by altering the flow of the Internet Banking website when credit card related links have been selected. It will ask for “Card Expiry Date”, “CVV2 Code” or "Three-digit security code", “Cardholder Address”, “Cardholder ZIP”, “Cardholder Date of Birth” and “Password” claiming that credit card and card holder information needs to be verified. This step is not part of the DBS Internet Banking website. Please do not provide any of such information.

Below are screenshots of what the DBS Internet Banking website looks like after it is infected with this malware:




If you see any of the above changes while banking online with us, your computer or device may likely be infected with this malware. You are advised not to proceed with any transactions until your computer or device has been checked and disinfected. Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
Customers are reminded to remain cautious when banking online:

  1. Never provide your credit card details in iBanking as the credit card details are only required when you do online purchases.
  2. Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account.
  3. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  4. Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:
    1. receive SMS or email for transactions that you did not perform or account number that you do not know
    2. experience difficulty accessing your account after you have entered your credentials or see repeated login pages asking for your login details
    3. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress", "Please wait…" or such as the above screenshots
  5. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
  6. For more security tips, please refer to Protecting Yourself Online
Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

 

 


 

Malware Alert

Date: 07 Mar 2013
Threat Type: Malware (Zbot –Zeus)
Alert Level: Amber
Criticality: Low

Description: We have discovered different variants of Zbot (Zeus) malware that may affect users of the DBS Internet Banking website. This malware infects customers’ computers or devices. Once customers’ computers or devices are infected, the malware will attempt to steal customers’ information by altering the flow of the DBS Internet Banking website to steal login and authorisation credentials (User ID, PIN, DBS iB Secure PIN, SMS OTP and so on). It will show a rotating “Please Wait…” message and ask for the customer’s user ID, PIN and iB Secure PIN repeatedly. The suspicious message is circled in red below.

This is typically followed by this screen:

If you see any of the above changes while banking online with us, your computer or device may likely be infected with this malware. You are advised not to proceed with any transactions until your computer or device has been checked and disinfected. Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
Customers are reminded to remain cautious when banking online:

  1. DBS will never ask for "Sign 1" of the iBSecure Device during login.
  2. Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account.
  3. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  4. Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:
    1. receive SMS or email for transactions that you did not perform or account number that you do not know
    2. experience difficulty accessing your account after you have entered your credentials or see repeated login pages asking for your login details
    3. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"
  5. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
  6. Do not provide your card information such as card number and card PIN in the Internet Banking login page.
  7. For more security tips, please refer to Protecting Yourself Online .

Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.


Malware Alert

Date: 26 February 2013
Threat Type: Malware
Alert Level: Amber
Criticality: Low

Description: We have discovered malware that may affect the legitimacy of the DBS IDEAL website. Once customers’ computers or devices are infected, the malware will attempt to steal customers’ login and authorisation credentials (Organisation ID, User ID, PIN, Security Access Code, SMS OTP and Challenge/Response) by altering the flow of logging onto the DBS IDEAL website.

It will show a rotating “Please Wait …” message that does not exist on the DBS IDEAL website.

Here is a screenshot of what the DBS IDEAL website will look like after a computer or device has been infected with this malware. The suspicious messages are circled in red.


Who might be at risk?
Customers with IDEAL accounts

How can you protect yourself from this?
Customers are reminded to remain cautious when banking online:

  1. Do not enter the any challenge code into your security device if you did not perform any financial transaction(s) in your account. Please note that during the log in process, you will never be asked to input a Challenge/Response.
  2. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  3. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
  4. Check your last login and transaction history regularly for any abnormal transactions.
  5. Please inform our contact centre at 1800 222 2200 immediately if you encounter any of the following situations:
    1. receive SMS or email for transactions that you did not perform or account number that you do not know
    2. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"

Customers are assured that the DBS IDEAL website remains secure and is not the source of this malware.


Fake DBS Website Alert

Date: 9 February 2013
Threat Type: Fake Website
Alert Level: Green
Criticality: Low

Description:There is a fake website found in the Internet which pretends to be the DBS Internet Banking website. The website http://aspectpine.co.uk/dbs/welcome.htm is a phishing website posing as the DBS Internet Banking website, designed to steal customer IDs, Pins and one time passwords.

This website has been removed.

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
Customers are reminded to refrain from providing any confidential information. Remember, DBS will never ask you for your PIN number, via email or phone.

  • Always type in the URL of DBS website directly into the address bar of your browser.
  • Verify that the iBanking site you are visiting is legitimate. To do this, go to the address bar of your web browser and look for the “padlock” icon found at the right side. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.
  • Alert us immediately, if you notice unknown transactions appearing on your account.
  • Never reply to unsolicited emails.


Malware Alert

Date: 16 Jun 2012
Threat Type: Malware (Zbot – Zeus)
Alert Level: Amber
Criticality: Low

Description: We have discovered malware that may affect the legitimacy of the DBS Internet Banking website. This malware infects customers’ computers or devices. Once customers’ computers or devices are infected, the malware will attempt to steal customers’ information by altering the flow of the DBS Internet Banking website to steal login and authorisation credentials (User ID, PIN, DBS iB Secure PIN, SMS OTP and so on). It will show a rotating “Please Wait…” message and a step called “Secure Token Validation” which asks for the customer’s iB Secure PIN repeatedly – both of which do not exist on the DBS Internet Banking website. These suspicious messages are circled in red below.



If you see any of the above changes while banking online with us, your computer or device may likely be infected with this malware. You are advised not to proceed with any transactions until your computer or device has been checked and disinfected. Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
Customers are reminded to remain cautious when banking online:

  1. Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account.
  2. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  3. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
  4. Do not provide your card information such as card number and card PIN in the Internet Banking login page.
  5. Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:
    1. receive SMS or email for transactions that you did not perform or account number that you do not know
    2. experience difficulty accessing your account after you have entered your credentials

Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

Remedy: The following list of anti-virus software is known to be able to detect and quarantine this type of malware.

Anti-Virus Version Signature date
AhnLab-V3 Spyware/Win32.Zbot 20120628
AntiVir TR/Crypt.XPACK.Gen 20120628
Antiy-AVL Trojan/Win32.Zbot.gen 20120628
Avast Win32:Susn-AJ [Trj] 20120628
AVG PSW.Generic9.CLKR 20120628
BitDefender Trojan.Generic.KD.641912 20120628
ByteHero Virus.Win32.Heur.c 20120613
ClamAV Trojan.Zbot-22915 20120628
Commtouch W32/Zbot.FB.gen!Eldorado 20120628
Comodo TrojWare.Win32.Kryptik.AGOY 20120628
DrWeb Trojan.Inject1.4253 20120628
Emsisoft Trojan-PWS.Win32.Zbot!IK 20120628
F-Prot W32/Zbot.FB.gen!Eldorado 20120627
F-Secure Trojan.Generic.KD.641912 20120628
Fortinet W32/Zbot.UH!tr.pws 20120628
GData Trojan.Generic.KD.641912 20120628
Ikarus Trojan-PWS.Win32.Zbot 20120628
Jiangmin TrojanSpy.Zbot.axmb 20120628
K7Anti-virus Spyware 20120627
Kaspersky Trojan-Spy.Win32.Zbot.dyij 20120628
McAfee PWS-Zbot.gen.uh 20120628
McAfee-GW-Edition PWS-Zbot.gen.uh 20120628
Microsoft PWS:Win32/Zbot.gen!AF 20120628
NOD32 Win32/Spy.Zbot.AAN 20120627
Norman W32/Injector.AQSI 20120627
nProtect Trojan/W32.Agent.319968.B 20120628
Panda Generic Trojan 20120627
PCTools Trojan.Zbot 20120628
Sophos Mal/Zbot-BRU 20120628
Symantec Trojan.Zbot 20120628
TheHacker Trojan/Kryptik.agoy 20120627
TrendMicro H2_AGENT_044167.TOMB 20120628
TrendMicro-HouseCall H2_AGENT_044167.TOMB 20120628
VBA32 Trojan.Zbot.7612 20120626
VIPRE Trojan-PWS.Win32.Zbot.af.gen (v) 20120628
ViRobot Trojan.Win32.A.Zbot.319968 20120628
VirusBuster Trojan.Kryptik!87wILK2ElVg 20120627

 


 

Malware Alert

Date: 30 May 2012
Threat Type: Malware (Torpig)
Alert Level: Amber
Criticality: Low

Description: We have discovered different variants of Torpig (also known as Anserin or Sinowal) malware that may affect the legitimacy of the DBS Internet Banking websites. This malware infects customers’ workstations or devices. Once customers’ workstations/devices are infected, it is designed to steal customers’ information by altering the flow of the existing Internet Banking websites of Singapore banks. It will ask for “card number”, the “signature panel code” (CVV code), “expiration date” and “ATM PIN”, claiming the computer is not recognized. In general, it will attempt to steal information from the infected computers, including all found passwords. Please do not provide any of such information. Here is a screenshot of how the DBS Internet Banking website looks like after it is infected with this malware:

If you see any of the above changes while banking online with us, your computer may likely be infected with this malware. You are advised not to proceed with any transactions until your computer has been checked and disinfected.

Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
Customers are reminded to remain cautious when banking online:

  1. Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account.
  2. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  3. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
  4. Do not provide your card information such as card number and card PIN in the Internet Banking login page.
  5. Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:
    1. receive SMS or email for transactions that you did not perform or account number that you do not know
    2. experience difficulty accessing your account after you have entered your credentials
    3. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"
Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

 

Remedy: The following list of anti-virus software is known to be able to detect and quarantine this type of malware.

Anti-virus Version Signature date
AhnLab-V3 Trojan/Win32.Scar 20120511
AntiVir BDS/Sinowal.nue 20120511
Antiy-AVL Trojan/win32.agent.gen 20120512
Avast Win32:Sinowal-JN [Trj] 20120512
AVG BackDoor.Generic15.ALJB 20120511
BitDefender Trojan.PWS.Sinowal.NCX 20120512
ByteHero Trojan.Win32.Heur.088 20120511
CAT-QuickHeal Backdoor.Sinowal.pzh 20120511
ClamAV - 20120512
Commtouch W32/Sinowal.AD.gen!Eldorado 20120512
Comodo TrojWare.Win32.Kryptik.SZK 20120512
DrWeb Trojan.Packed.21724 20120512
Emsisoft Trojan-PWS.Sinowal!IK 20120512
eSafe Win32.BDSSinowal.Nue 20120509
eTrust-Vet Win32/Sinowal.J!generic 20120511
F-Prot W32/Sinowal.AD.gen!Eldorado 20120511
F-Secure Trojan.PWS.Sinowal.NCX 20120512
Fortinet W32/Sinowal.BJ!tr 20120508
GData Trojan.PWS.Sinowal.NCX 20120512
Ikarus Trojan-PWS.Sinowal 20120512
Jiangmin - 20120512
K7Anti-virus Backdoor 20120511
Kaspersky Backdoor.Win32.Sinowal.pzh 20120511
McAfee Artemis!DB0BA4479277 20120512
McAfee-GW-Edition - 20120512
Microsoft PWS:Win32/Sinowal.gen!AA 20120512
NOD32 a variant of Win32/Kryptik.TEK 20120512
Norman W32/Sinowal.FSY 20120511
nProtect Trojan.PWS.Sinowal.NCX 20120511
Panda Trj/Sinowal.gen 20120511
PCTools Trojan.Anserin 20120512
Rising - 20120511
Sophos Mal/Sinowal-N 20120512
SUPERAntiSpyware - 20120512
Symantec Trojan.Anserin 20120512
TheHacker Backdoor/Sinowal.pzh 20120511
TrendMicro TROJ_GEN.R47CDDJ 20120512
TrendMicro-HouseCall TROJ_GEN.R47CDDJ 20120511
VBA32 BScope.Backdoor.Sinowal.3921 20120511
VIPRE Trojan-Dropper.Win32.Sinowal.y (v) 20120512
ViRobot - 20120512
VirusBuster Trojan.DR.Sinowal.Gen.20 20120511

 


 

Malware Alert

Date: 05 Sep 2011
Threat Type: Malware (Spyeye)
Alert Level: Amber
Criticality: Low

Description: We have discovered different variants of Spyeye malware that may affect the legitimacy of the DBS Internet Banking websites. This malware targets Singapore Internet Banking websites which include the DBS Internet Banking website, DealOnline and VICKERS Online websites. It is designed to steal customers’ information by altering the “look and feel” of the existing Internet Banking websites. For instance, if the malware infects the customer's computer, DBS Internet Banking website will look different and will ask the customer to key in his user ID, pin and one-time pin from his token all at the same time, instead of the usual login method. Here is a comparison of how DBS Internet Banking website looks like before and after it is infected with this malware:

Another indication of the malware infection is that the internet banking website login page remains the same. However, upon login the customer will redirected to a page that states "We are checking your security settings. Every step can take 1-10 minutes....“


If you see any of the above changes while banking online with us, your computer may likely be infected with this malware. You are advised not to proceed with any transactions until your computer has been checked and disinfected.

Who might be at risk?
Customers with iBanking/IDEAL accounts

How can you protect yourself from this?
Customers are reminded to remain cautious when banking online:

  1. Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account.
  2. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  3. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
  4. Do not provide your card information such as card number and card PIN in the Internet Banking login page.
  5. Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:
    1. receive SMS or email for transactions that you did not perform or account number that you do not know
    2. experience difficulty accessing your account after you have entered your credentials
    3. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"
Customers are assured that the DBS Internet Banking, DealOnline and VICKERS Online websites remain secure and is not the source of this malware.

 

Remedy: The following list of anti-virus software is known to be able to detect and quarantine this type of malware.

Anti-virus Version Signature date Virus name detected
AhnLab-V3 2011.09.04.00 2011.09.04 Spyware/Win32.Zbot
AntiVir 7.11.14.92 2011.09.04 TR/EyeStye.N.1532
Antiy-AVL 2.0.3.7 2011.09.04 Trojan/Win32.SpyEyes.gen
Avast 4.8.1351.0 2011.09.04 Win32:Malware-gen
Avast5 5.0.677.0 2011.09.04 Win32:Malware-gen
AVG 10.0.0.1190 2011.09.05 PSW.Generic9.OTZ
BitDefender 7.2 2011.09.05 Trojan.Generic.KD.337313
ByteHero 1.0.0.1 2011.08.22 -
CAT-QuickHeal 11.00 2011.09.04 -
ClamAV 0.97.0.0 2011.09.05 -
Commtouch 5.3.2.6 2011.09.04 -
Comodo 9994 2011.09.04 UnclassifiedMalware
DrWeb 5.0.2.03300 2011.09.05 Trojan.PWS.SpySweep.52
Emsisoft 5.1.0.11 2011.09.05 Trojan.Win32.Spyeye!IK
eSafe 7.0.17.0 2011.09.04 -
eTrust-Vet 7.0.17.0 2011.09.04 -
F-Prot 4.6.2.117 2011.09.04 -
F-Secure 9.0.16440.0 2011.09.04 Trojan.Generic.KD.337313
Fortinet 4.3.370.0 2011.09.04 W32/SpyEyes.MLQ!tr
GData 22 2011.09.05 Trojan.Generic.KD.337313
Ikarus T3.1.1.107.0 2011.09.05 Trojan.Win32.Spyeye
Jiangmin 13.0.900 2011.09.04 TrojanSpy.SpyEyes.eto
K7Anti-virus 9.111.5083 2011.09.02 Spyware
Kaspersky 9.0.0.837 2011.09.05 Trojan-Spy.Win32.SpyEyes.mlq
McAfee 5.400.0.1158 2011.09.05 Trojan-Spy.Win32.SpyEyes.mlq
McAfee-GW-Edition 2010.1D 2011.09.05 PWS-Zbot.gen.js
Microsoft 1.7604 2011.09.04 Trojan:Win32/EyeStye.N
NOD32 6436 2011.09.05 a variant of Win32/Kryptik.SET
Norman 6.07.11 2011.09.04 W32/Suspicious_Gen2.PPEEN
nProtect 2011-09-04.01 2011.09.04 Trojan/W32.Agent.289792.CR
Panda 10.0.3.5 2011.09.04 Trj/CI.A
PCTools 8.0.0.5 2011.09.05 Trojan.Gen
Prevx 3.0 2011.09.05 -
Rising 23.73.01.03 2011.08.30 -
Sophos 4.69.0 2011.09.04 Mal/SpyEye-U
SUPERAntiSpyware 4.40.0.1006 2011.09.04 -
Symantec 20111.2.0.82 2011.09.05 -
TheHacker 6.7.0.1.290 2011.09.03 -
TrendMicro 9.500.0.1008 2011.09.03 -
TrendMicro-HouseCall 9.500.0.1008 2011.09.05 TROJ_GEN.R3AC2HV
VBA32 3.12.16.4 2011.09.02 -
VIPRE 10374 2011.09.05 Trojan.Win32.Generic!BT
ViRobot 2011.9.3.4655 2011.09.04 -
VirusBuster 14.0.200.0 2011.09.03 -

 


 

Malware Alert

Date: 4 Feb 2011
Threat Type: Malware (Spyeye)
Alert Level: Green
Criticality: Low

Description: A Spyeye malware is found to be targeting local banks in Singapore including DBS. This malicious software, which can be transmitted through compromised websites, is designed to steal private data such as user ID and pin from websites that the customer visited. A customer being asked to key in his pin and/or one-time password a few times can be an indication of Spyeye infection.

The following screenshots show how the DBS Internet Banking website differs when used in computer that is infected by this malware.





Who might be at risk?
Customers with iBanking accounts

How can you protect yourself from this?
Customers are reminded to remain cautious when banking online:

  1. Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account.
  2. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  3. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
  4. Do not provide your card information such as card number and card PIN in the Internet Banking login page.
  5. Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:
    1. receive SMS or email for transactions that you did not perform or account number that you do not know
    2. experience difficulty accessing your account after you have entered your credentials
    3. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"
Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

 

Remedy: The following list of anti-virus software is known to be able to detect and quarantine this type of malware.

Anti-virus Version Signature date Virus name detected
AhnLab-V3 2011.01.27.01 2011.01.27 Spyware/Win32.SpyEyes
AntiVir 7.11.2.71 2011.02.04 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2011.01.28 Trojan/Win32.SpyEyes.gen
Avast 4.8.1351.0 2011.02.04 Win32:Malware-gen
Avast5 5.0.677.0 2011.02.04 Win32:Malware-gen
AVG 10.0.0.1190 2011.02.04 unknown virus Win32/DH.BA
BitDefender 7.2 2011.02.04 Trojan.Generic.KDV.116346
CAT-QuickHeal 11.00 2011.02.04 TrojanSpy.SpyEyes.elr
ClamAV 0.96.4.0 2011.02.04 -
Commtouch 5.2.11.5 2011.02.04 -
Comodo 7586 2011.02.04 -
DrWeb 5.0.2.03300 2011.02.04 -
Emsisoft 5.1.0.2 2011.02.04 Trojan.Win32.EyeStye!IK
eSafe 7.0.17.0 2011.02.03 Win32.TRDropper
eTrust-Vet 36.1.8140 2011.02.04 Win32/Etap
F-Prot 4.6.2.117 2011.02.01 -
F-Secure 9.0.16160.0 2011.02.04 Trojan.Generic.KDV.116346
Fortinet 4.2.254.0 2011.02.04 W32/SpyEyes.ELR!tr
GData 21 2011.02.04 Trojan.Generic.KDV.116346
Ikarus T3.1.1.97.0 2011.02.04 Trojan.Win32.EyeStye
Jiangmin 13.0.900 2011.02.04 TrojanSpy.SpyEyes.bdl
K7Anti-virus 9.81.3737 2011.02.03 -
Kaspersky 7.0.0.125 2011.02.04 Trojan-Spy.Win32.SpyEyes.elr
McAfee 5.400.0.1158 2011.02.04 PWS-Spyeye.m
McAfee-GW-Edition 2010.1C 2011.02.04 PWS-Spyeye.m
Microsoft 1.6502 2011.02.04 Trojan:Win32/EyeStye.H
NOD32 5845 2011.02.04 a variant of Win32/Spy.SpyEye.CA
Norman 6.07.03 2011.02.03 W32/Malware.QKUL
nProtect 2011-01-27.01 2011.02.02 -
Panda 10.0.3.5 2011.02.03 Trj/CI.A
PCTools 7.0.3.5 2011.02.04 Trojan-PSW.Generic
Prevx 3.0 2011.02.04 -
Rising 23.43.04.02 2011.02.04 Trojan.Win32.Generic.12779390
Sophos 4.61.0 2011.02.04 Mal/Generic-L
SUPERAntiSpyware 4.40.0.1006 2011.02.04 -
Symantec 20101.3.0.103 2011.02.04 Infostealer
TheHacker 6.7.0.1.123 2011.02.02 -
TrendMicro 9.200.0.1012 2011.02.04 TSPY_SPYEYE.SMB
TrendMicro-HouseCall 9.200.0.1012 2011.02.04 TSPY_SPYEYE.SMB
VBA32 3.12.14.3 2011.02.02 BScope.Banker.xc
VIPRE 8303 2011.02.04 Trojan.Win32.Generic!BT
ViRobot 2011.2.4.4292 2011.02.04 -
VirusBuster 13.6.180.0 2011.02.03 TrojanSpy.SpyEyes!ieTmgwiMnI4

 


 

Fake DBS Website Alert

Date: 19 Jan 2011
Threat Type: Fake Website
Alert Level: Green
Criticality: Low

Description:There is a fake website found in the Internet which pretends to be associated with DBS Bank. The website www.dbsinternetbanking.org is a scam website posing as the DBS Internet Banking site. DBS Bank assures customers that it is not associated with this website. Fake websites like this can evolve to a phishing site, which will then attract users to provide their account information and password.

This website has since been removed.

Who might be at risk?
Any DBS customer

How can you protect yourself from this?
Customers are reminded to refrain from providing any confidential information. Remember, DBS will never ask you for your PIN number, via email or phone.

  • Always type in the URL of DBS website directly into the address bar of your browser.
  • Verify that the iBanking site you are visiting is legitimate. To do this, go to the address bar of your web browser and look for the “padlock” icon found at the right side. When you click on the icon, a window should appear confirming that VeriSign has identified that the certificate is issued to DBS.
  • Alert us immediately, if you notice unknown transactions appearing on your account.
  • Never reply to unsolicited emails.

 

Sample of the Fake Website:

 


 

Malware Alert

Date: 2 Dec 2010
Threat Type: Malware (Haxdoor)
Alert Level: Green
Criticality: Low

Description: This backdoor malware allows hackers to gain remote access to the users computer to steal private information such as customer ID and pin from websites that the customer visited. Haxdoor malware can be transmitted through CD-ROMs, memory sticks, external hard drives, email messages with attachments, internet downloads, file transfers, instant messaging channels, and the like.

Who might be at risk?
Customers with iBanking/IDEAL accounts

How can you protect yourself from this?
Customers are reminded to remain cautious when banking online:

  1. Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account.
  2. Read the transaction details in the SMS or email alerts carefully. Validate that the messages reflect your actual transaction requests. For example, check that the account number is correct.
  3. Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
  4. Do not provide your card information such as card number and card PIN in the Internet Banking login page.
  5. Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:
    1. receive SMS or email for transactions that you did not perform or account number that you do not know
    2. experience difficulty accessing your account after you have entered your credentials
    3. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"

Customers are assured that the DBS Internet Banking, DealOnline and VICKERS Online websites remain secure and is not the source of this malware.

Remedy: The following list of Anti-virus software is known to be able to detect, quarantine, and/or delete this backdoor virus.

Anti-virus Version Signature date Virus name detected
AhnLab-V3 2010.11.30.00 2010.11.29 Win-Trojan/Haxdor.60256
AntiVir 7.10.14.136 2010.11.29 TR/Crypt.FSPM.Gen
Antiy-AVL 2.0.3.7 2010.11.30 -
Avast 4.8.1351.0 2010.11.29 Win32:Trojan-gen
Avast5 5.0.677.0 2010.11.29 Win32:Trojan-gen
AVG 9.0.0.851 2010.11.30 unknown virus Win32/DH.BA
BitDefender 7.2 2010.11.30 Backdoor.Haxdoor.NN
CAT-QuickHeal 11.00 2010.11.30 (Suspicious) - DNAScan
ClamAV 0.96.4.0 2010.11.30 PUA.Packed.FSG
Command 5.2.11.5 2010.11.30 W32/Dropper.gen5
Comodo 6898 2010.11.30 Heur.Pck.FSG
DrWeb 5.0.2.03300 2010.11.30 BackDoor.Haxdoor.522
Emsisoft 5.0.0.50 2010.11.30 Backdoor.Win32.Haxdoor!IK
eSafe 7.0.17.0 2010.11.29 Win32.TRCrypt.Fspm
eTrust-Vet 36.1.8007 2010.11.29 Win32/Haxdoor!generic
F-Prot 4.6.2.117 2010.11.29 W32/Dropper.gen5
F-Secure 9.0.16160.0 2010.11.30 Backdoor.Haxdoor.NN
Fortinet 4.2.254.0 2010.11.29 -
GData 21 2010.11.30 Backdoor.Haxdoor.NN
Ikarus T3.1.1.90.0 2010.11.30 Backdoor.Win32.Haxdoor
Jiangmin 13.0.900 2010.11.30 Backdoor/Haxdoor.mv
K7Anti-virus 9.69.3115 2010.11.29 EmailWorm
Kaspersky 7.0.0.125 2010.11.30 Backdoor.Win32.Haxdoor.lw
McAfee 5.400.0.1158 2010.11.30 Artemis!B7D0C6A4BEB0
McAfee-GW-Edition 2010.1C 2010.11.29 Heuristic.LooksLike.Win32.SuspiciousPE.C
Microsoft 1.6402 2010.11.29 TrojanDropper:Win32/Bunitu.A
NOD32 5659 2010.11.29 a variant of Win32/Haxdoor
Norman 6.06.10 2010.11.29 Suspicious_F.gen
nProtect 2010-11-29.01 2010.11.29 Backdoor.Haxdoor.NN
Panda 10.0.2.7 2010.11.29 Bck/Haxdoor.OG
PCTools 7.0.3.5 2010.11.30 Backdoor.Haxdoor
Prevx 3.0 2010.11.30 -
Rising 22.76.00.01 2010.11.30 Trojan.Spy.Win32.Undef.GEN
Sophos 4.60.0 2010.11.30 Troj/Haxdor-Gen
SUPERAntiSpyware 4.40.0.1006 2010.11.30 Trojan.Agent/Gen-FSG
Symantec 20101.2.0.161 2010.11.29 Backdoor.Haxdoor
TheHacker 6.7.0.1.093 2010.11.30 Backdoor/Haxdoor.lw
TrendMicro 9.120.0.1004 2010.11.30 TROJ_MALNTL.A
TrendMicro-HouseCall 9.120.0.1004 2010.11.30 TROJ_MALNTL.A
VBA32 3.12.14.2 2010.11.29 Trojan-Droper.Win32.Goldun
VIPRE 7451 2010.11.30 Trojan.Win32.Generic.pak!cobra
ViRobot 2010.11.30.4176 2010.11.30 -
VirusBuster 13.6.66.0 2010.11.29 Trojan.DR.Haxdoor.Gen.4

 

digibank app