Security Alert: Dridex Malware (22 December 2014) Dear customers, We would like to bring your attention to recent reports of Dridex Banking Malware (Dridex) targeting internet banking websites. This malware steals customers’ login information e.g. Organisation ID, User ID, Password and One-Time-Password or Security Code. If you have any further queries, please contact us at 1300 88 7000 (within Malaysia) or 603-8317 5200 (outside Malaysia). How Dridex Works Hackers send phishing emails that may appear to originate from trusted companies. The email may appear to the unsuspecting user to be an invoice or an accounting document. The Dridex malware is hidden in a macro embedded in a Microsoft Word document attached to the email. If the malicious Microsoft Word document is opened by the user, the user is prompted to enable macros. If the user does so, Dridex will be downloaded onto the computer. If the macro feature was already enabled prior to opening the document, the attack automatically starts once the document is opened. Once Dridex is downloaded, it searches for files or activity related to online banking, extracting usernames and passwords. Users will also be prompted to provide additional information through a fake web page or pop-up window. If your computer is infected, these are some ways a malware will attempt to steal your login and authorisation information: you may receive multiple prompts to login even when you have already entered your login information you may be asked to enter all your login information on one page, instead of two. E.g. the fraudulent website will ask for your Organisation ID, User ID, Password and One-TimePassword or Security Code all on a single page. On the legitimate Velocity@ocbc website, the login process is done over two pages First page: Organisation ID, User ID, Password Second page: One-Time-Password or Security Code you may be prompted to enter the One-Time-Password or Security Code from your hardware token even if you did not perform any online transactions from your account. If you experience the above while on your internet banking site, please DO NOT proceed with your online banking activities and follow the steps below: 1. 2. 3. 4. Close the browser. Ensure that your anti-virus software is up to date. Run your anti-virus software and scan the files on all devices (eg. laptops, desktops).that you use to access online banking. If your computer is not installed with an anti-virus software, please install with an up-to-date version immediately and perform a scan on your devices. 221214 OCBC Bank. All Rights Reserved Page 1 of 2 5. 6. Restart your computer and login to Velocity@ocbc again. You should not encounter the same bogus site again if the malware has been completely removed. Change your password immediately in Velocity@ocbc before performing your internet banking transactions. If you suspect that the malware has not been successfully removed, please do not use the same computer for any online banking transactions. Login to Velocity@ocbc using an uninfected computer to change your password. We would like to assure you that our internet banking websites remain secure. You are reminded to stay vigilant when banking online. The following are some tips that you can take note of to protect your computer from being infected with such malware: • • • • • • • • Cancel any suspicious looking transaction/s in Velocity@ocbc Install anti-virus software in your electronic devices (laptops, desktops), ensure regular updates with the latest virus signatures and scan your devices regularly. Change the password to your email accounts and Velocity@ocbc login, after ensuring that your electronic devices had been scanned. Differentiate passwords, especially for your Velocity@ocbc login and email account from other online accounts [eg. subscription based sites, online merchants, social media, etc] If you need to perform a transaction through Velocity@ocbc, please use an uninfected laptop/desktop. Do not enter any One-Time-Password or Security Code for transactions that you did not initiate or request. Avoid visiting unknown and unsecured websites. Do not open unknown or suspicious attachments, even if they are from senders you know. At OCBC Bank, protecting your information is our priority. For more about online security and how to protect yourself from fraud, please visit: http://www.ocbc.com.my/business-banking/help-andsupport/tips-and-notices.html 221214 OCBC Bank. All Rights Reserved Page 2 of 2
© Copyright 2024