Latest Phishing Emails / Website Scam

Latest Phishing Emails / Website Scam

 

It has been brought to the Bank’s attention that there are phishing emails in circulation requesting recipients to activate their online banking and/ or to change their online account profile.

When the recipient of the phishing emails click on the link furnished in the email, they will be directed to a dubious online banking site that looks like the real online banking site of the Bank. Therefore, we would like to caution all our customers and members of public not to provide any confidential personal and/ or financial information via unsolicited channels. The Bank will never request you to do this.

 

Contents of the phishing email

  1. Requires you to submit confidential personal and/ or financial information directly via email or via the link furnished in the email
  2. Requires you to key-in your username and password of your online banking
  3. Require you to activate your online access and/ or change your profile
    • You may even receive a SMS purportedly from the Bank on the successful activation of your account.
  4. Require you to request for a Transaction Authorization Code (TAC) to complete a transaction
    • You may receive a SMS on confirmation for TAC request for registration of a Registered Interbank Transfer for instance. This could be a valid SMS from the Bank as your details could have been used by the fraudster to access to your online banking account.
  5. Warns you of an unauthorized access to your account and require confirmation on your personal/ account details
  6. Makes threats to close or suspend your account and / or online access if you do not respond

 

List of scam websites that have been identified and sample

Scam websites:

Sample:

 

Steps to be taken for protection


1. Never access the Bank’s website from attachments or links in an email. Type the Bank’s correct address http://www.affinbank.com.my or http://www.affinonline.com manually at the address bar or bookmark the link.
2. Always check the address bar before logon to website. Any online banking has to be secured and the domain address will start with https:// to show that it is secure and the connection is encrypted. Please be alert for such scams and highlight the same to yourvoice@affinbank.com.my upon being aware of the same.


3. Look out for the padlock symbol in your browser window. Please be vary of a padlock that appears on the web page itself which can be easily copied by the fraudster. The padlock has to be in the window frame of the browser itself. Click on the icon and check the legitimacy of the certificate - that it belongs to the right owner and the certificate is current and registered to the right address and company name. When there is no padlock icon and if you click on the icon before the domain address, it shows that the website address does not supply identity information and the connection is not encrypted. Therefore, it is a phishing site which appears to look similar to the Bank's official website address.
4. Do not provide any personal or financial information to an unsolicited request.
5. Even if you have reasons to believe that the contact may be genuine, you are encouraged to contact the Bank to confirm.
6. Do not disclose your passwords, PIN number and/ or credit card number without proper verification that the communication is made over a trusted and genuine website/ channel.
7. Always clear your cache (browsing history) after each online access.

Please be alert for such scams and highlight the same to yourvoice@affinbank.com.my upon being aware of the same.
 

Tariff Charges insert_drive_file
Rates & Charges attach_money
Calculator phonelink_ring