DBS/POSB Anti-Malware Security Features

What we are doing to better protect you from malware threats and scams.

Important information

  • For the security of your accounts, we may restrict your digibank and/or PayLah! access. Please follow our detailed guides below to restore your digibank and/or PayLah! access.
  • If you suspect that you are a victim of scam, call our 24-hour fraud hotline at 1800 339 6963 or (65) 6339 6963 from overseas.

The rise of malware threats

Malware threats are on the rise, with scammers using carefully planned and sophisticated methods to trick customers into downloading malware through malicious apps. Once your phone is infected by malware, scammers can steal sensitive information like your banking login credentials and SMS OTPs. They can remotely control your mobile device to perform fraudulent monetary transactions without your knowledge or consent.


What we are doing to protect you

We have recently enhanced our anti-malware capabilities to prevent scammers from logging into customers’ digibank and PayLah!.

Our enhanced anti-malware tool restricts digibank and/or PayLah! access when it detects log-in attempts from mobile devices that are likely infected with malware or have settings that make it prone to security vulnerabilities. This includes:
  1. Known malware applications and jailbroken or rooted mobile devices
  2. Mobile devices with risky apps or permission settings
  3. Mobile devices with potentially unauthorised ongoing screen-sharing

To safeguard your banking accounts and monies, you will need to remove the malicious or risky apps, turn off accessibility permission settings or stop screen-sharing before you can access digibank and/or PayLah! again.

As with all our security features, customers can be assured that the use of the anti-malware tool is limited to the detection of malware activity and security threats. No additional personal data from their device is collected.


Seeing a restricted access message on digibank and/or PayLah! app?

This is our precautionary measure to safeguard you against potential malware threats. If you see this, it means that your mobile device is likely exposed to malware-related threats.

Select the message you see on your mobile device and we’ll guide you on how to restore your digibank and/or PayLah! access.

Why are you seeing this?

digibank mobile DBS PayLah!

If you see this message, it means that your mobile device contains apps that are not downloaded from official app stores and has accessibility settings switched on. This may give scammers control of your device.

To safeguard your banking account, access to digibank and PayLah! have been restricted.

To secure your device, you will need to:
  1. Uninstall the apps shown in the message that pops up on your screen when you open your digibank mobile or PayLah! app. (Recommended)
  2. Or, if you trust that the app is safe, you can turn off ‘Accessibility’ for the listed apps via the ‘Settings’ menu on your device

    Note: The steps to turn off an app’s ‘Accessibility’ may differ by phone model. Please check with your device manufacturer for details.
Your privacy matters. Use of the anti-malware tool is limited to the detection of malware activity and security threats. No additional personal data from your device is collected.
If you trust that the identified apps are safe and wish to continue using them alongside your digibank or PayLah! app, you may turn off ‘Accessibility’ for the identified apps. You will be able to access the digibank or PayLah! app after.
Accessibility settings, like text-to-speech, provide user interface enhancements that makes it easier for users with disabilities to navigate a mobile device. However, cyber criminals are abusing these settings to control the device remotely or steal sensitive information.
The steps to turn off an app’s ‘Accessibility’ may differ by phone model. Please check with your device manufacturer.

Here are steps to change accessibility settings for some popular phone models:
  • Samsung Galaxy A53 5G / Flip 4 / Fold4 / A73 5G / S21 Ultra / A23 5G: Settings > Accessibility > Installed Apps
  • Samsung Galaxy S21 5G / Galaxy S10: Settings > Accessibility > Installed Services
  • Oppo A78 5G / Reno8 5G: Settings > Additional Settings > Accessibility
  • Oppo Find X2 Pro / A17: Settings > System Settings > Accessibility
  • Huawei P50 Pro: Settings > Accessibility features > Accessibility > Installed Services
  • Huawei Nova 3i / Nova 5T: Settings > Smart Assistance > Accessibility
  • Huawei Mate30 & Huawei Y9a: Settings > Accessibility features > Accessibility (Scroll down to Downloaded Services)
  • Google Pixel 5 / Pixel 3 XL: Settings > Accessibility
  • Redmi Note 10 5G: Settings > Additional Settings > Accessibility > Downloaded Apps
  • Poco X5 5G: Settings > Additional Settings > Accessibility > Downloaded Apps
Our anti-malware tool flags apps that have been downloaded from sources other than official app stores. Some well-known apps come from non-official sources, so they carry potential security risks.
  • Google Play Store
  • Samsung Galaxy Store
  • Huawei AppGallery
  • Xiaomi MI App Store
  • Amazon appstore
  • Vivo V-Appstore
  • Oppo App Market

Why are you seeing this?

digibank mobile DBS PayLah!

If you see this message, it means that your device is likely infected with known malware applications, or is jailbroken or rooted. You may have downloaded malicious apps via links in text messages, social media or third-party websites instead of official sources like the Google Play or Apple App Store.

If your mobile device is jailbroken or rooted, refer to our guide.

If your mobile device is not jailbroken or rooted, follow the steps below to remove the malware.
The Singapore Police Force and Cyber Security Agency of Singapore advise these steps to secure your device:
  1. Disconnect your mobile device from the internet. Turn off WiFi and mobile data, or turn on Airplane Mode, so scammers cannot access your phone through the malicious app.
  2. Go through your list of installed apps. Look for anything suspicious:
    • Apps not downloaded from the official app store
    • Apps you do not recognise or do not recall downloading
    • Suspicious apps with generic names, wrong spellings, or unauthorised app store icons.
  3. Delete such apps from your mobile device.
For more detailed steps on removing malware, please refer to your device manufacturer: Android Mobile devices
We recommend doing a factory reset of your phone. And as your credentials could have been accessed by scammers through the malware, you should reset all your passwords and change your user IDs.

If you spot suspicious activity on your digibank account such as unauthorised transactions, call our 24-hour DBS fraud hotline at 1800 339 6963 from Singapore or (65) 6339 6963 from overseas to report it immediately.

Why are you seeing this?

If you see this message, it means that screen-sharing or mirroring is taking place on your device. This may be a sign of a malware attack. To safeguard your banking account, access to digibank will be restricted while screen-sharing or mirroring is going on.

To restore digibank access, you will need to:
  • Stop screen-sharing if you are doing so
  • Or find the apps listed in our message to you on digibank and delete them from your device.


Is your device jailbroken or rooted?

Jailbreaking (for Apple devices) or rooting (for Android devices) means removing the software restrictions put in place by device manufacturers. Some users do this so they can install third-party software from unofficial sources.
Your device’s manufacturer sets limitations so you can only use software that is verified, safe and legal. By jailbreaking or rooting and downloading unofficial apps, it:
  • gives malicious apps and their creators, possibly scammers, a back door into your phone and private data
  • voids the warranty of your device
  • can damage your device and make it faulty or unstable
  • weakens your device security
  • may be illegal if you download software that infringes on copyright laws
You may wish to perform a factory reset on your device. If this does not work, you may need to setup your digibank mobile or PayLah! on another device which has not been jailbroken or rooted.
You may need to setup your PayLah! on another device which has not been jailbroken or rooted.


Frequently Asked Questions

If you need to make an urgent banking transaction, you may visit any of our DBS/POSB ATMs or branches where our staff can help you with your requests. Find the nearest branch and their opening hours using our ATM & Branch Locator.

You may also use digibank online on your laptop or desktop. However, only limited services will be available as you will not be able to perform some transactions that require additional authentication. For instance, the adding of new recipients or increasing of your transaction limits.

You are strongly encouraged to secure your mobile device before you continue to perform any banking activity.
Your privacy matters. Use of the anti-malware tool is limited to the detection of malware activity and security threats. No additional personal data from your device is collected.
No. With the rise in malware-related scams and attacks, this is a mandatory security feature that has been put in place to safeguard your banking accounts and monies.
While this security feature can detect malware activity with a high degree of accuracy, no security feature is foolproof. As scammers become more sophisticated in their operations, we encourage customers to play their part to form a strong multi-layered defence.

To remain vigilant, be careful of the types of apps you install and the permissions you enable on your phone. Check out our Security Alerts webpage to be aware of the latest security threats.


Knowledge and Tips

Malware or “malicious software” is any software that is used to disrupt operations, gather sensitive information or gain access to a device, including a smartphone.

More info from the Cyber Security Agency of Singapore can be found here.
Once a malicious application is installed, scammers can remotely access the victim's device and steal sensitive information, including personal data and banking credentials to perform fraudulent monetary transactions.
Scammers employ social engineering tactics and fake advertisements on social media platforms and e-commerce websites. They often offer enticing deals for products and services. They include popular foods like durian and seafood or services like food catering, pet grooming, home cleaning and aircon maintenance.

Victims are then tricked into clicking on a web link to download an app that is not from the official Google Play or Apple App Store.
When the malware app is installed, scammers will have access to control your device remotely and may use this ability to steal your personal and banking credentials. They can even log in to your digibank and perform fund transfers without your knowledge.
  • Device is operating slower than usual
  • Apps are taking longer to load
  • Battery drains faster than expected
  • Seeing a lot of pop-up ads
  • Device has unfamiliar apps that you do not recognise
  • Unexplained increase in data usage
  • Higher than expected phone bills
  • Because it probably is! Scammers have been offering fake, attractive deals like extremely cheap iPhones or durians, and very low prices for services like cleaning or pet grooming. Such scams are often found in website ads, emails, text messages, or on WhatsApp.
  • Once you click on the ad or contact the seller, you may be asked to download unfamiliar, harmful apps to make payment. That’s how your device gets infected with malware.
  • When downloading mobile apps, only use trusted sources like the Google Play Store or Apple App Store. These app stores have measures in place to reduce your risk of installing harmful apps.
  • Even on official stores, always check the descriptions, reviews and ratings of apps to make sure they're trustworthy. Avoid downloading apps from third-party websites, emails, text messages, or social media!
  • Whenever an app you install asks for permissions, take a moment. If it asks for accessibility permissions, full control over your device, or access to sensitive information like your text messages and emails that it does not need, it could be a warning sign of a malicious threat.
  • For example, a shopping app should not be asking for access to your contact list, camera or photos. Such permissions can allow a scammer to get full control of your device.
  • Consider using reputable mobile security software to protect your device. Such software can help detect and block any harmful apps and alert you to potential risks.

To strengthen your digibank security, knowing what tools you have to protect yourself is crucial.

  • Personal Particulars Update: Keep your contact details updated to get timely alerts and detect fraudulent transactions early.
  • Transaction Alerts: Set alerts on your bank accounts and debit or credit cards to be notified of transactions.
  • Transfer Limits: Set lower daily transfer limits in digibank to limit your exposure to fraudulent transactions.
  • Payment Controls (for your card): Review your card transactions regularly. If you notice anything unauthorised, use Payment Controls to block your debit or credit card immediately and call us.
  • Safety Switch (for your account): Suspect a scam attack on your account? Activate our Safety Switch to suspend access to your funds and self-service banking facilities quickly.
  • DBS Fraud Reporting Hotline: Call the DBS fraud hotline at 1800 339 6963 from Singapore or (65) 6339 6963 from Overseas to report any fraudulent transactions.

If the guide did not work for you, you can Get in Touch with Us.

Was this information useful?

We welcome your feedback

Information is easy to understand and find
Information is useful to answer your inquiries completely
Let's bank safely together
Explore our Bank Safely Hub to learn the latest scam alerts and tips on how to protect yourself.