• Security and Fraud

We view your security with utmost importance. That's why we've taken these extra initiatives to provide you with additional protection:

Guard yourself against fraudulent look-alike sites. SecureWord is an additional authentication layer used by CIMB Clicks Online Banking to verify that the login page is a genuine CIMB Clicks site. Make sure to check the SecureWord before keying in your password.

View Details »

Transaction Authorisation Code (TAC) is a unique 6-digit code sent as a SMS to your mobile phone for transaction authentication use.

View Details »

Protect yourself and your computer/mobile devices!

Important things you can do to protect yourself and your computer/mobile devices.
At CIMB Clicks, we are committed to your online security and peace of mind. We use multiple layers of security to ensure that your Online Banking sessions are protected by a high level of security. However, you also play an important role in safeguarding your computer/mobile devices and your online information. Below are the recommended things to do to keep your money where it should be.

Install anti-virus and anti-malware
Protect your devices from virus and malware by installing anti-virus and anti-malware software. To maximise your protection, update them regularly to make sure you always have the latest virus definition.

Avoid rooting or jailbreaking your mobile devices
It is not advisable to use CIMB Clicks App on a rooted or jailbroken device as they are more vulnerable to fraudulent attacks. A rooted or jailbroken device have minimal security, making it easier for fraudster to gain access to your personal details and other information stored or transmitted through your device and might result in illegally using it to perform transactions such as funds transfer.

Install a personal firewall

Firewall software and/or hardware helps provide a protective shield between your computer/mobile devices and the Internet. This barrier can help prevent unauthorised people gaining access to your computer/mobile devices, reading information from it or placing viruses on it while you are connected to the Internet.

Install anti-spyware software

Spyware is a general term for hidden programs on your computer/mobile devices that track what you are doing on your computer/mobile devices. Spyware is often bundled together with file sharing, email virus checking or browser accelerator programs, and it is installed on your computer/mobile devices without your knowledge to intercept information about you and your computer/mobile devices. The type of information gathered can include personal Internet usage, and in some instances, confidential data such as passwords. You can download and run a specialist program designed to help identify and remove threats from spyware. Like an anti-virus program, it also needs to be regularly updated in order to recognise the latest threats.

Keep your browser and operating system up-to-date

From time to time security weaknesses or bugs are found in browsers and operating systems. Usually 'Service Packs' are issued by the software company to make sure these are fixed as quickly as possible. You should make regular checks on your software vendor's website and apply any new security patches as soon as possible to ensure you have the most updated security features available.

Avoid running programs or opening email attachments from any source you do not know or trust

You should not install software or download any files from websites (e.g. programmes, games, screensavers) that you aren't completely sure about. We also recommend that you scan all email attachments for viruses and avoid opening any from people or organisations that you do not know or trust. However, some virus may forward infected email to everyone in an address book. Therefore, you can also get an infected attachment from someone you know. If you are not sure what is in the attachment, do not open it.

Important note: CIMB Bank or CIMB Clicks will never send you an email asking you to reconfirm or revalidate your Online Banking information via email or any links from an email. If you have received this sort of email, please contact us immediately at +603 6204 7788.

Be cautious when using public or shared computers/networks

If you access your accounts using a computer in a cyber café, a library or your workplace, try to ensure the computer has the latest anti-virus, firewall, anti-spyware and browser software installed. Although Wi-Fi is a convenient way for you to go to the Internet, it is not advisable to access your account via Wi-Fi connection, especially in public places like airports, hotels or shopping malls.

For more information with regards to online safety, you can visit CyberSecurity Malaysia at http://www.cybersafe.my.

Malware

Malware stands for Malicious Software. It can be viruses, trojans, and spyware to "PC Optimization" programs that harm your electronic devices.

For even more detailed information about malware and protecting your electronic devices, click here

For more guidelines on Malware Prevention, please refer to press release from Cyber Security: Click here

Phishing

What is 'Phishing'? 'Phishing' is a type of identity theft where criminals blast emails to a mass audience in their malicious attempt to bait you into fake websites.

You'll then be asked to disclose confidential financial and personal information, passwords, credit card numbers along with any other highly confidential questions.

SMS/Phone Call Scam

Customer receives an SMS or a call requiring him/her to call a given number to confirm a transaction involving customer's credit card or account information.

Money Muling

For fraudsters, transferring stolen funds directly into their accounts would make their whereabouts and activities be easily traced by law enforcement agencies. In efforts to stay under the radar, money mules are recruited or used to help facilitate the movement of funds to the criminals. In other words, money mules are used specifically to receive and transfer out stolen money.

Fraudsters will try to recruit customer to use their personal banking account as intermediary account by promising them rewards. Recruitment will normally be promoted via social media, chat sessions or even newspaper ads offering work-from-home job offers.

Stagefright Bug

A vulnerability is found on Android devices affecting almost 95% of its users. Attacker can exploit this bug through MMS (a type of message which can include text, sound, images and video) which allows them to take control of your device.

Tips to prevent being attacked:

  • Ensure you have the latest Android upgrade/patch installed
  • Disable auto-retrieval of MMS

Dridex Malware

Dridex operates by first arriving on a user's computer as a malicious spam email with a Microsoft Word document attached to the email. If the user opens the document, a macro embedded in the document will trigger a download of the Dridex banking malware, enabling it to first steal banking credentials and then attempt to generate fraudulent financial transactions.

DYRE Malware

A new variant of malware known as 'DYRE' is targeting online banking customers. The malware started from phishing emails. Hence, please do not respond or click on any hyperlink in an email to access to your Online Banking websites. Phishing email aims to steal your Online Banking User ID and Password.

These may be some of the signs that your computer could be infected by ‘DYRE’:

  • You are prompted to enter your User ID and Password repeatedly
  • Your computer seems to be running very slowly compared to usual
  • Unfamiliar screen after you login to your Online Banking site

Please click here to read more about malware protection.

Alert

It is advisable to to download the latest anti-virus and scan your devices regularly. This is to ensure that your online financial transactions are not performed using infected devices. Please stay vigilant when banking online. You may also refer to Cyber Security Malaysia for further action on infected machines. Please call us immediately at +603 6204 7788 or email to callcentre@cimb.com.

Call Our Consumer Contact Centre:
+603 6204 7788
(Local and Overseas)