Date: 28 October 2014
Threat Type: Security Vulnerability
Alert Level: Amber
Description: A vulnerability known as "POODLE" has been discovered on the SSL (Secure Sockets Layer) v3 used by Internet Explorer version 6 and below. SSL is used to establish an encrypted link between a website and a web browser (such as Internet Explorer) to keep the customer credentials and transactions secure. With the "POODLE" vulnerability present, an attacker will be able to take control of the customer SSL channel which will then allow him to steal secret information such as account details.
Who might be at risk? DBS Vickers websites have layered security controls such as 2FA, OTP that keep online trading transactions secure. However, customers using Internet Explorer version 6 and below are still at risk of having their private information (such as web cookies, username or account details) stolen if an attacker exploits this vulnerability.
How can you protect yourself from this?
-Customers are urged to visit the website below to download and install the latest version of popular web browsers:
-Change your passwords regularly.
-Do not reveal your DBS Vickers user id or log in password to anyone.
-Call us immediately at our Customer Service Line (65) 6327 2288 for Singapore and (852) 2902 3888 for Hong Kong, if you notice unknown transactions appearing on your account.
DBS Vickers Online
28 Oct 2014