Search
Back
Financing  
 
Property Refinancing
Refinance your mortgage with CIMB and enjoy greater savings.
Valid until 31st Dec 2024
Remittance  
Sustainability at CIMB  
CIMB@Work  
Islamic Banking Overview  
Investments  
 
CIMB 0.8% ESG Unit Trust Promotion
Start your sustainable investment journey with as low as RM100*!
Valid until 7th Feb 2025
Latest Promotions  
CIMB Deals  
CIMB OCTO App  
CIMB Clicks  
CIMB Partner Pay Solution  
Apply for Products  
DuitNow QR  
Tailoring Your Unique Financial Journey  
Customer Help Centre  
You're viewing:
Personal Banking
Other Sites
Day To Day Banking
Accounts
Cards
Financing
More Services
Islamic Banking
Wealth Management
Investments
Insurance/Takaful
Help & Support
Rates & Charges
Calculators
Security & Fraud
logo
MY - EN
How does it work?

If your computer is infected with malware, it will be able to capture your User ID, password & TAC while you browse any online banking site.

A pop up will appear to trick you into keying in your mobile number and operating system. DO NOT proceed further!

If you have entered the above info, you will receive an SMS with malicious link that will install malware into your smartphone and it will be able to steal your SMS TAC.

Perform and anti virus/malware scan to both your computer and mobile devices. DO NOT perform any online transactions if you have encountered any of the above.

The Don'ts
 
  1. Do not click on adware or suspicious URL sent through SMS/messaging services. Malicious program could be attached to collect user's information.

  2. Do not use public wifi networkds for bank transactions and turn off Bluetooth connection when not in use. These can be open windows for eavesdroppers intercepting the transaction or installing spyware and other malware on user's computer/mobile devices.

  3. Do not enter TAC for activities which you did not initiate.

  4. Do not open unknown or suspicious attachments in emails, even if they are from senders you know.

  5. Do not plug your USB stick into just any computer.

  6. Do not save your Online Banking login details on a public computer.
What you have to do
 
  1. Checking your transactions regularly.

  2. Verify an app's permission and author or publisher before installing it.

  3. Safeguarding your personal details.

  4. Always run a reputable anti-virus on your computer/mobile devised, and keep it up-to-date regularly.

  5. Update the operating system and applications on your computer/mobile devies, including the browser, in order to avoid any malicious exploits of security holes in outdated versions.

  6. Changing your password periodically.

  7. Since URL on mobile site appears differently from desktop  browser, make sure to verify it first.

  8. Only download apps from official app stores onto your device.

  9. Please ensure that accessibility permissions for all apps on your device are turned off.
Example of displayed pages in sequence on victim's device

Using a malware-infected computer, the attacker can inject fake content while the user is browsing a legitimate online banking website.

Upon clicking the 'Continue' button, user will be prompted for his mobile operating system and mobile number.

Once customer clicks 'Send SMS' button, an sms with a malicious link asking to install the fake app will be sent to infect the smartphone.

If it’s installed, the malware will be able to steal the TAC.