New Security Alerts

Mazar Android Malware

16 Feb 2016

Dear Customer

An Android malware by the name of “Mazar” has been targeting banking customers. The malware is spread through SMS or MMS links. When the malware is executed, it will attempt to steal banking credentials.

If your mobile device is infected with Mazar malware, the malware gains administrator rights that give it the ability to do almost anything with a victim's phone. The malware can read SMS messages, which means it can also circumvent two-factor authentication (2FA systems). The malware can even erase data in compromised phones.

Here are some precautionary measures to protect your mobile device:

  • Do not click on SMS or MMS on your phone
  • Always enter the URL address (www.maybank2u.com.sg) directly into your web browser
  • Keep your mobile devices and software up-to-date
  • Use a professional anti-virus software for android phone and keep it up-to-date
  • Make sure that you are connected to a secure wifi access point
  • Do not install applications from sources outside of playstore

Should you notice any unauthorised transactions, please change your passwords immediately, and contact us at 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).

For Business Internet Banking users, please call 1800 777 0022.

 


Tinba Malware

21 Jan 2016

Dear Customer

A malware by the name of “Tinba” has been targeting banking customers in Singapore. The malware is spread through phishing email or malicious advertising campaign. When the malware is executed, it will attempt to steal banking credentials.

If your computer had been infected with Tinba Malware, you may be prompted to provide your banking credentials multiple times. The malware will also attempt to alter the flow of transactions that you are trying to perform.

Do take precautionary measures to protect your computer, by:

  • Not opening any email attachments from unknown sender.
  • Keeping your computers, devices and software up-to-date.
  • Using a professional anti-virus software and keep your anti-virus software up-to-date.
  • Performing regular anti-virus scan
  • Performing regular update of your browsers and operating systems whenever it is available.
  • Making sure your Internet browsers and plugin/extensions are all up-to-date.
  • Disabling plugins/extensions that are not frequently used or are potentially dangerous.
  • Adjusting browser settings to block ads or changing settings to detect potential malicious advertising.

                                    
If you notice any unauthorised transaction, do change your passwords immediately and contact our Customer Relationship Executives on 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).

For Business Internet Banking users, please call 1800 777 0022.

 


Dyreza Malware

25 Jun 2015

Dear Customer

A malware by the name of “Dyreza” has been targeting banking customers in Singapore. The malware is spread through phishing email messages that contain malicious attachments. When the malware is executed, it will attempt to steal banking credentials.

If your computer had been infected with Dyreza Malware, you may be prompted to provide your banking credentials multiple times. The malware will also attempt to alter the flow of transactions that you are trying to perform. It may display unusual message such as “Please be advised that there will be a temporary disruption for 30 minutes.” on your screen.

Do take precautionary measures to protect your computer, by:

  • Not opening any email attachments from unknown sender.
  • Keeping your computers, devices and software up-to-date.
  • Using a professional anti-virus software and keep your anti-virus software up-to-date.
  • Performing regular anti-virus scan
  • Performing regular update of your browsers and operating systems whenever it is available.

If you notice any unauthorised transaction, do change your passwords immediately and contact our Customer Relationship Executives on 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).

For Business Internet Banking users, please call 1800 777 0022.

 


POODLE Vulnerability

30 November 2014

Dear Customer

A vulnerability has been discovered on SSL3 (Secure Sockets Layer version 3) protocol. SSL is used to establish an encrypted link between a website and a web browser (such as Internet Explorer) to keep customer’s credentials and transactions secure. With this vulnerability, an attacker may steal certain confidential information such as account details.

Maybank Online Banking will no longer support SSL3 to prevent POODLE attack. If you are unable to load the Maybank Online Banking page, do check your browser settings to see if you had enabled TLS. Click here for steps to enable TLS for various browsers. Do note that Internet Explorer 6 (and below) cannot support TLS. If you are using Internet Explorer 6 (and below), you have to download and install newer version of Internet Explorer or use an alternate browser.

Should you suspect that your banking account may have been compromised, do change your passwords immediately and contact our Customer Relationship Executives on 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).

 


GameOver Zeus and CryptoLocker Malware

12 June 2014

Dear Customer

It has been reported that the malware Gameover Zeus and CyptoLocker malware have affected users in Singapore. Gameover Zeus is used by cybercriminals to harvest banking credentials and CyptoLocker malware encrypts victim’s computer and demands a ransom in order to decrypt it.

Gameover Zeus and CyptoLocker malware are often propagated through spam and phishing messages.

You can take the following precautionary measures:

  • Do not click on the URL link of the suspicious email.
  • Use a professional anti-virus software and keep your anti-virus software up-to-date.
  • Keep your operating system and application software up-to-date.

Should you suspect your banking account may have been compromised, do change your passwords immediately and contact our Customer Relationship Executives on 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).

 


IE Zero Day Vulnerability

30 April 2014

Dear Customer,

A zero day vulnerability has recently been discovered in Internet Explorer (IE) browser version 6 to 11.

An attacker who successfully exploited this vulnerability could take complete control of your system remotely and could potentially install programs; view, change, or delete your data or create new accounts.

You can take the following precautionary measures:
1) Do not click on any unknown links in suspicious emails or documents
2) Use an alternate browser to perform your transactions
3) Update your system and browser to the latest patch once it is available.

Should you have any further queries, please feel free to contact our Customer Relationship Executives on 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).

 


Zeus Malware

25 April 2014

Dear Customer,

It has been brought to our attention that a new variant of Zeus malware has recently been discovered and are targeting Online Banking services in Singapore. This malware has the capability to steal sensitive login information in online banking services.

We would like to remind you to remain vigilant when performing online transactions and to protect your computers with professional anti-virus software.

Should you have any difficulties performing your online banking transaction or discover any unusual pop-up messages, please feel free to contact our Customer Relationship Executives on 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).

 


Heartbleed Bug

15 April 2014

Dear Customer,

A vulnerability known as Heartbleed bug has been recently discovered in OpenSSL. OpenSSL is an open-source implementation of SSL protocols which provides communication security over the Internet.

Please be assured that Maybank’s Online and Mobile Banking are not affected by the Heartbleed bug.

Nonetheless, we would strongly encourage you to continue protecting your online banking account and password with the following precautionary measures:

  • Use different usernames and passwords for your online banking accounts and other non-banking related accounts.
  • Change your passwords regularly.
  • Do not reveal your online banking username, password or token pin to anyone.

Should you have any further queries, please feel free to contact our Customer Relationship Executives on 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).

 


Malware

4 July 2013

Dear Customer,

We have discovered a malware that may affect users of the Maybank Singapore Internet Banking website. The malware will display a webpage that is not part of Maybank Singapore's Internet Banking website. Below is a screenshot of what the website will look like if your computer or device has been infected with this malware. The suspicious message is circled in red. It will attempt to phish your credit card information. Please do not proceed to perform any transactions if you see this page.

Precautionary Measures You Can Take

  1. Perform a full scan of your PC or computing device using your anti-virus software
  2. Update your anti-virus signature file to the latest release
  3. Do not attempt to further perform any transactions if you experience difficulties accessing your account after you have entered your login credentials
  4. If you have received any SMS notification for transactions not made by you, do inform the Bank immediately

Should you have any further queries, please feel free to contact our Customer Relationship Executives on 1800-MAYBANK (1800-629 2265) (local) or (65) 6533 5229 (overseas).


16 April 2013

Dear Maybank Customer

We have been informed that a variant of the malware, Zeus, is currently targeting online banking systems.

Malware Distribution

The malware distribution is via an email which may contain a zip file. If you click on the zip file, the malware will attempt to infect your PC or computing device.

Behaviour of the Malware

Once your personal computer or computing device has been infected, it will stay dormant until you access your online banking account. Upon successful authentication of your login credentials (user id, pin and a one time password) by the bank, the malware will take over your session and attempt to manipulate you into signing fraudulent transactions using your transaction signing token.  

Precautionary Measures You Can Take

  1. Perform a full scan of your PC or computing device using your anti-virus software
  2. Update your anti-virus signature file to the latest release
  3. If you have received any suspicious email with a zip file, do verify with the sender if he/she has sent the email.
  4. Delete the email immediately if the sender cannot be verified
  5. Scan your email attachments regularly
  6. Do not enter any login credentials if the website looks suspicious
  7. Do not attempt to further perform any transactions if you experience difficulties accessing your account after you have entered your login credentials
  8. If you have received any SMS notification for transactions not made by you, do inform the Bank immediately.

Should you have any further queries, please feel free to contact our Customer Relationship Executives on 1800-MAYBANK (1800-629 2265) (local) or (65) 6533 5229 (overseas).

Next steps

Login now

Already an M2U registered user? Login now

Apply now

Application form for Maybank2u.com.sg (Online Banking) (PDF)

Locate your nearest Branch

Find us at a convenient location near you

Get in touch

Contact us for more information