Your security matters to us

TIPS TO FOLLOW

Do's

  • Be wary of unsolicited requests by email, SMS or phone asking for personal or sensitive information, or that require you to log in and verify your account. Under no circumstances will the Bank ask you to reveal your PIN/Password.
  • Pay attention to the URL. Always key in the domain name of the Bank (correctly) into your browser when logging in to the Bank’s website.
  • Keep your contact details up-to-date to receive SMS alerts or e-mail notifications for online banking transactions and activities.
  • Check your bank account balances and transactions frequently. Inform the Bank if you are aware of any suspected fraudulent activity, or if you notice any unusual/unauthorised transactions.

  • Be wary of unsolicited requests by email, SMS or phone asking for personal or sensitive information, or that require you to log in and verify your account. Under no circumstances will the Bank ask you to reveal your PIN/Password.
  • Pay attention to the URL. Always key in the domain name of the Bank (correctly) into your browser when logging in to the Bank’s website.
  • Keep your contact details up-to-date to receive SMS alerts or e-mail notifications for online banking transactions and activities.
  • Check your bank account balances and transactions frequently. Inform the Bank if you are aware of any suspected fraudulent activity, or if you notice any unusual/unauthorised transactions.

Don'ts

  • Do not share your password, PIN and One-Time-Password (OTPs) with anyone.
  • Do not display your account information in a manner that is visible to others. Your device should never be left unattended.
  • Do not accept links or redirections from other websites or media for the purpose of logging into your OCBC Velocity account.
  • Do not click on hyperlinks or attachments provided in emails or mobile messages, such as by SMS or WhatsApp, from suspicious or unknown sources.

  • Do not share your password, PIN and One-Time-Password (OTPs) with anyone.
  • Do not display your account information in a manner that is visible to others. Your device should never be left unattended.
  • Do not accept links or redirections from other websites or media for the purpose of logging into your OCBC Velocity account.
  • Do not click on hyperlinks or attachments provided in emails or mobile messages, such as by SMS or WhatsApp, from suspicious or unknown sources.

TYPES OF FRAUD

Phishing Scams

Malicious emails or websites that try to gain access to your account info.

What it does?

Phishing emails are always disguised to look like they are from a trusted organisation. This is intended to trick people into clicking on the phishing website or downloading malicious files. The hyperlink in the email might redirect you to a phishing website resembling OCBC Velocity, prompting you to enter your login credentials such as your passwor, PIN or One-Time-Password (OTP). Other than emails, such phishing website hyperlinks may also appear in the results when you are performing searches online.

Identify the tell-tale signs






How to protect yourself?

Do's
  • Pay attention to the URL as malicious websites may appear identical to a legitimate site, but with a slight variation to the URL.
  • Use different passwords especially for your OCBC Velocity login and email account.
  • Always keep your contact details with the bank up to date.
  • Always type the official OCBC Velocity login URL (https://velocity.ocbc.com) directly into the address bar.
Don't
  • Reveal or key in your banking details into suspicious websites or emails soliciting your account credentials.
  • Open any attachments or links in suspicious emails.

Stop. Think. Before You Act.

Stay vigilant and do not respond to any email or SMS that asks for your confidential information. If you are unsure, please validate the request by contacting an official through a registered number. If you notice an unusual or unauthorised transactions taking place – either via SMS alerts or email notifications – please call us immediately at 603-8317 5200.

Phone Scams

Deceptive phone calls attempting to acquire your banking credentials.

What is an impersonation scam call?

An impersonation scam focuses on tricking users into believe something is true through seemingly legitimate interactive automated voice messages. Victims receive calls/interactive voice messages from fraudsters impersonating representatives or officers from courier companies, banks, customs officers, the police, or government bodies.

Popular types of phone scam

1
Macau scam
  The scammer disguises himself or herself as a representative of a government body or legitimate institution. The person then claims that the victim has outstanding loan payments or unpaid fines. The victim will later be asked to transfer funds to avoid penalties or lawsuits.
2
Parcel scam
  The scammer claims to be calling from a courier company or the customs office, informing the victim that he or she has unclaimed packages or parcels that are being held back because they contains illegal items. The victim is then requested to transfer funds to release the parcel and avoid detention by the authorities.
3
e-Commerce scam
  The scammer entices the buyer to purchase products with fantastic deals and later asks for further payments for things like a delivery fee, insurance cost coverage or customs taxes to claim the product. Once the payments are made, the scammer will become uncontactable.
4
Phishing call
  The scammer tricks the victim into entering a phishing website resembling their online banking website and then invites them to change their password or transfer money. Your banking credentials will be stolen once you log in to the phishing site.

Some common signs of scam call

  • Suspicious phone number.
  • Delayed greeting or the use of automated voice response.
  • The call comes from companies or government bodies with whom you do not have an association.
  • You are invited to identify yourself by revealing personal or banking information.
  • The caller tries to make you panic or rush you into decisions.
  • The caller offers promotions or gifts that sound too good to be true.

What you should do if you receive a scam call

When in doubt, just hang up!
Do not share your internet banking credentials (passwords, PIN and One-Time-Passwords (OTPs)) to anyone or display the information in a manner that is visible to others.

Please be reminded that the Bank or government officials will not make unsolicited requests for your sensitive information through email or by phone.

If you have accidentally disclosed any personal or banking information to a suspicious caller or if you notice any unusual or unauthorised transactions, please call us immediately at 603-8317 5200.

Business email compromise scams

Deceptive emails designed to trick you into transferring payment to a fraudulent bank account.

What is a business email compromise scam?

A fraudster may impersonate a senior executive or business partner using a similar or hacked email address to ask for payments to be directed to a new bank account under their control; or to steal critical business information for future attacks.

Safeguard yourself and your business from this scam

As a business owner
  • Instil awareness about cyber-security and email best practices in your employees.
  • Conduct timely reviews to ensure that the current internet banking user listings are always kept up to date. Remove any users who have left the company.
As an employee
  • Be suspicious of urgent payment requests, including those that are out of the ordinary.
  • Carefully analyse all email request to transfer funds.
  • Always verify changes in payment details with a call back to a known number.
  • Do not click on hyperlinks and attachments from unknown sources.

If you have accidentally disclosed personal or banking information to a suspicious caller or if you notice unusual or unauthorised transactions, please call us immediately at 603-8317 5200.

Besides calling the Bank, you can also perform self-service per below under such circumstances:

  1. Suspend your access temporarily to OCBC Velocity.
  2. Reset your OCBC Velocity password.

Malware

Intercepts communications between your browser and the Bank, it picks up sensitive or personal information such as your password and login ID.

How malware works

1
2
3
Hackers send phishing emails with hyperlinks or attachments that appear to originate from trusted sources. Malware will be downloaded onto the user’s device once the link/attachment is opened. The installed malware will search and intercept files/online banking activities, maliciously stealing your banking credentials.

Common types of malware

    1. Virus
      Viruses can spread across devices and execute its own code to steal sensitive information. They can corrupt files through fake pop-ups that lure a person to visit unusual sites.

    2. Ransomware
      Computers infected with ransomware will result in restricted access until a ransom is paid.

    3. Trickbot
      Once your computer is infected, trickbot intercepts your communication with the internet banking site. Fake screens and pop-ups will appear to lure you into entering your login credentials.

    4. Spyware
      Spyware maliciously watches and monitors user activity and harvests confidential data without their knowledge.

How to tell if your devices have been infected

  • The URL or screen shown on the login page is different from the official page: https://velocity.ocbc.com/login.html.
  • You are repeatedly prompted to key in your login credentials even after you have entered it correctly.
  • Suspicious account activities where you receive SMSes and OTPs for transactions you did not perform.
  • You receive excessive pop-up messages or redirection to third-party websites.

How to protect yourself

  • Key in the domain name of the bank in your browser to log onto OCBC Velocity rather than copying and pasting or via a pre-existing link.
  • Install and maintain the latest anti-virus software.
  • Do not open any unsolicited email or email from suspicious sources.
  • Do not use public computers or connect to unsecure or publicly available WiFi to perform online banking activities.
  • Do not install software or run programmes of unknown origin.

We would like to assure you that our OCBC Velocity is secure. As malicious software is constantly evolving, we strongly recommend that payment makers and authorisers always stay vigilant and verify the authenticity of all outgoing payment instructions, on top of scanning your devices for potential attacks regularly.

If you notice any unusual or unauthorised transactions that you did not initiate, please inform us immediately by calling 603-8317 5200.

How malware works

1

Hackers send phishing emails with hyperlinks or attachments that appear to originate from trusted sources.

2

Malware will be downloaded onto the user’s device once the link/attachment is opened.

3

The installed malware will search and intercept files/online banking activities, maliciously stealing your banking credentials.

Common types of malware

    1. Virus
      Viruses can spread across devices and execute its own code to steal sensitive information. They can corrupt files through fake pop-ups that lure a person to visit unusual sites.

    2. Ransomware
      Computers infected with ransomware will result in restricted access until a ransom is paid.

    3. Trickbot
      Once your computer is infected, trickbot intercepts your communication with the internet banking site. Fake screens and pop-ups will appear to lure you into entering your login credentials.

    4. Spyware
      Spyware maliciously watches and monitors user activity and harvests confidential data without their knowledge.

How to tell if your devices have been infected

  • The URL or screen shown on the login page is different from the official page: https://velocity.ocbc.com/login.html.
  • You are repeatedly prompted to key in your login credentials even after you have entered it correctly.
  • Suspicious account activities where you receive SMSes and OTPs for transactions you did not perform.
  • You receive excessive pop-up messages or redirection to third-party websites.

How to protect yourself

  • Key in the domain name of the bank in your browser to log onto OCBC Velocity rather than copying and pasting or via a pre-existing link.
  • Install and maintain the latest anti-virus software.
  • Do not open any unsolicited email or email from suspicious sources.
  • Do not use public computers or connect to unsecure or publicly available WiFi to perform online banking activities.
  • Do not install software or run programmes of unknown origin.

We would like to assure you that our OCBC Velocity is secure. As malicious software is constantly evolving, we strongly recommend that payment makers and authorisers always stay vigilant and verify the authenticity of all outgoing payment instructions, on top of scanning your devices for potential attacks regularly.

If you notice any unusual or unauthorised transactions that you did not initiate, please inform us immediately by calling 603-8317 5200.

OUR WEBINAR SERIES

Watch our public community webinar series to learn how you can be safe and smart against any potential frauds and scams.

MORE VIDEOS

Don't be fooled by these scams! Find out how else you can keep yourself and your loved ones financially and emotionally safe from scams.

SCAM! Hati-hati apabila menerima SMS

Jangan tekan pautan yang mencurigakan dalam SMS.

Panggilan Scam! Jangan jadi mangsa

Jangan panik ketika menerima panggilan daripada orang yang tidak dikenali.

Jangan menjadi mangsa Keldai Akaun

Jangan meminjamkan, berkongsi atau menyewakan bank akuan anda.

BEWARE OF SCAMS
Online Banking Tips

Stay vigilant and take precautions to protect yourself from online scams.

e-Commerce Scams

Be cautious of fraudsters posing as fake buyers/sellers on online platforms.

BEC Scam

Stay one step ahead and don't let cybercriminals compromise your business.

Smartphone Tips for Better Security

Ensure that your smart devices are safe from digital scams.

Mule Account Scam

Never trust any third party with information of your personal bank account details.

APP Schemes Scam

Beware of scam adverts with fraudulent application schemes.

Mule account scams

Never lend, share or rent your bank account.

Mule account holder

You can be prosecuted for money laundering.

Macau scam

Be vigilant when receiving calls from individuals claiming to be from regulatory bodies.

Love scams

Don't fall victim to a scammer.

Online loan scams

Never accept loan offers on social media.

Shopping scams

If it's too good to be true, it probably isn't.

NEED HELP?

Let us know your security concerns

WAYS WE PROTECT YOUR COMPANY

Automatic malware and fraud detection

Our system validates your devices to protect you against financial malware and prevent fraudulent transactions from taking place.

Every transaction is digitally signed

OCBC Velocity is equipped with two-factor authentication, which means your transactions are digitally signed by entering the One-Time-Password (OTP) generated from your security token. This is to tamper-proof and safeguard your transaction.

Each user is issued with an individual token

Each user is issued with their own login credential and unique security token. All account activities are tracked with a corresponding transaction transaction audit trail.

Secure, encrypted pages

Our website is secured and authenticated with digital certificate technology. The "closed lock" icon on our online banking site means the information from your device to our systems is encrypted end-to-end. This ensures transaction privacy.

WAYS WE PROTECT USERS

Two-factor authentication

Users are required to verify their identify by providing TWO authentication factors, i.e. "something you know" (log-in credential) and "something you have" (security token).

Transactions alerts and notifications

An SMS and/or email alert is triggered whenever there is a high-risk transaction activity performed from your business account. This is to prevent unauthorised transactions from taking place.

Automatic inactivity logout

OCBC Velocity will automatically terminate your browser session if there is no activity after a certain period of time.

Security advisory and tips

We constantly update our security notices and advisories to alert and educate users of the latest online security threats and preventive measures.

NEED HELP?

Let us know your security concerns

STAY SAFE FROM SCAMS

SCAM! Hati-hati apabila menerima SMS

Jangan tekan pautan yang mencurigakan dalam SMS.

Panggilan Scam! Jangan jadi mangsa

Jangan panik ketika menerima panggilan daripada orang yang tidak dikenali.

Jangan jadi mangsa Keldai Akaun

Jangan meminjamkan, berkongsi atau menyewakan bank akaun anda.