Although phishing is now widely known, it is not the only online scam that exists. To counter this problem, it is strongly encouraged that you exercise caution, and prudence to protect yourself from such scams. Knowing how some of these work, will equip you with the knowledge to recognize the tell-tale signs of a scam and safeguard yourself against online fraud.

Always bear in mind the following :
OCBC will never request for you to provide your private particulars such as Login ID or Password for whatever reason.
When in doubt or suspicious about the authenticity of the request, always double-check with the bank. Contact us via our official channels: www.ocbc.com.my or our hotline 1300-88 5000. Never rely on any information or link from the fraudulent email.

Some of the more common scams

Vishing (voice phishing)
"Vishing" stands for voice phishing and is one of the variations of the phishing scam.

 a) “Vishing”
How it works -an email is sent out requesting the recipient to verify his bank account immediately by calling the stated number in the email. The information given by the recipient over the phone will then be used to siphon money out of his bank account.

 b) "Cold-call Vishing"
Automated programs are designed by the fraudsters to make random calls to as many people as possible. The recipient will hear a pre-recorded message citing some valid sounding reason requesting the recipient to enter his account number and PIN or other sensitive information for verification. The information is then used in the same way as illustrated in scenario a). 
 
“Nigerian Scams”
These get-rich-quick scams have been around for many years, initially through letters, faxes, telexes and have progressed to emails.

 How it works - a fraudulent email is sent on behalf of a very rich and powerful individual or a government office. The email requests the use of the recipient's bank account to transfer large sums of money out of their country. In return, the recipient will be rewarded handsomely. Should the recipient respond, the fraudster will eventually request for some money to be sent citing reasons like the need to bribe officials who are blocking the transfer.

This is a classic example of "if an offer is too good to be true, it usually is".

Other variations:

- the recipient is a winner of a foreign lottery and will need to pay tax before he can receive his winnings.
- the millions of dollars that need to be transferred is part of the embezzled funds of an ousted / deceased dictator.
- the sender purports to be a company representative and you will need to pretend to be the next of kin of a deceased
  customer in order to receive a certain percentage of the estate

A) Protecting Your Password

Your password is important. Follow these tips when selecting a secure password:

• Never reveal your ID and Password to anyone. If you suspect that someone has gained access to your User Name and Password, change it immediately.
• Do not use the same number or letter sequence for User Name and Password.
• Avoid using the same password for everything, such as email, voice mail, etc
• Use both upper and lowercases or mix letters with numbers and if possible include symbols.
• Avoid easily identifiable passwords such as phone numbers and birth dates.
• Change your password frequently using the "Chg Passwd" function.
• If you suspect any unusual activity or the last logon time stamp, you should immedialtely change your password by using the "Chg Passwd" function.
• Do not use password from other Internet sites.
• Do not leave your system unattended when you are logged on to https://www.ocbc.com.my/internet-banking/
  Always clear your PC browser's cache after each session. This will ensure that all your account information is permanently removed from your system memory. How to Clear Your Cache
  • Check and ensure that your PC browser does not store your password. If you are using Microsoft Internet Explorer 5.5 and above, you should check and ensure that the browser's 'Use Online AutoComplete' function is disabled.
  • On you Internet Explorer browser Menu bar, go to [Tools].
  • Select [Internet Options].
  • Select [Advanced] and scroll down to [Browsing].
  • Uncheck [Use Online AutoComplete].
  • Click [OK].
     

B) Additional Security Tips

• Install anti-virus or anti-spyware and firewalls in your personal or home computers, particularly when they are linked via broadband connections, digital subscriber lines or cable modems.
• Update the anti-virus and firewall products with security patches or newer versions on a regular basis.
• Remove file and printer sharing in your computers, especially when they have Internat access via cable modems, broadband connections or similar set-ups.
• Make regular backup or critical data.
• Consider the use of encryption technology to protect highly sensitive data.
• Log off the online session and turn off the computer when not in use.
• Do no install software or run programs of unknown origin.
• Delete junk or chain emails
• Do not open email attachments from strangers.
• Do not select the option on browsers for storing or retaining user name and password.
• Do not disclose personal, financial or credit card information to little-known or suspicious websites.
• Do not use a computer or a device that cannot be trusted.
• Do not use public or Internet cafe computers to access online banking or perform online financial transactions.
• Once your Access Code/User ID/Username or PIN/Password become invalid or cease to have effect, you should inform us immediately by using the e-mail option “Contact Us” or our Call Centre at 1300-88-5000.
• You should also exercise precaution against viruses or other programmes such as Trojan Horse that can capture your password keystrokes and other personal information. Such captured data can be sent to another party without prior consent. To avoid getting infected, we recommend that you
  (1) equip your Personal Computer with the latest virus detection software so as to protect yourself against any virus attacks and other malicious attacks,
  (2) update the anti-virus and firewall products with security patches or newer versions on a regular basis,
  (3) avoid downloading any files from websites and people you are not sure about,
  (4) avoid using programs that allow you to automatically get or preview files and
  (5) install a personal firewall to protect against hackers, virus attacks or Trojan Horse programs.
• You should check your account and transaction history regularly to ensure that all details are updated and that there are no unauthorised transactions on your account(s). OCBC Internet Banking will display your last login date and time, whenever you logon, to help you monitor this.
• If you notice any unusual/unauthorised transactions, please change your PIN and notify us immediately. It is important that you inform us immediately.
• Your usage of OCBC Internet Banking is subject at all times to the Internet Banking Terms and Conditions. You should therefore read carefully and adhere to the recommended security practices. The Bank is not responsible for any loss or damage in connection to the use of OCBC Internet Banking services unless such loss is attributable to our negligence or wilful default.
  
  As a user OCBC Internet Banking, you have the right to
  (1) suspend your Internet Banking Access immediately should you suspect any unusual activity and/or unauthorised access,
  (2) terminate this service,
  (3) request for a new set of OCBC Internet Banking PIN and
  (4) obtain information from the Bank regarding your online transactions