Disclaimer

This link brings you to a 3rd Party Website, over which Standard Chartered Bank Malaysia Berhad has no control ("3rd Party Website"). Use of the 3rd Party Website will be entirely at your own risk, and subject to the terms of the 3rd Party Website, including those relating to confidentiality, data privacy and security.

Standard Chartered Bank Malaysia Berhad makes no warranties, representations or undertakings about and does not endorse, recommend or approve the contents of the 3rd Party Website.

In addition to the terms stated in Standard Chartered Bank Malaysia Berhad's Important Legal Notices, Standard Chartered Bank Malaysia Berhad shall have no responsibility or liability in connection with the content of or the consequences of accessing the 3rd Party Website, including any virus arising from or system failure associated with the 3rd Party Website.

Proceed
Don’t fall prey to cyber crimes! Click here to read our tips for a safer banking experience.

Cybersecurity

Stay safe when you bank online

Banking with peace of mind

Be a smart digital user! While you are enjoying the convenience of banking online, you also need to be careful and adopt good security habits to protect your bank accounts and information.

Tips for a safer Digital Banking experience

Important Notice

Always ensure your password to log out

Update your apps and remember to log out

Be aware and never share

Important Notice

  • Must-know Digital Banking updates
    • We are continuously enhancing additional layers  of security as an industry effort to help prevent financial crime cases and to safeguard your digital banking experience with us.

    • Cooling-off period

      Effective 20 October 2024, a 12-hour cooling-off period will take effect when you increase your third-party funds transfer limit via SC Online Banking. During the cooling-off period, you may continue to perform transactions up to your existing limit. Learn more here

      A 12-Hour cooling-off period upon SC Mobile Key registration on a new device will take effect to prevent any unauthorised transactions approvals. Learn more here.

       

      Secured Authentication via SC Mobile Key

      Effective 20 October 2024, SC Mobile Key will be required for all funds transfers and payments of any amount to safeguard you from any unauthorised transactions. Learn more about SC Mobile Key here.

       

      Transaction Limit

      Effective 20 October 2024, you can set transfer limit for your own account funds transfers.

    • Protect your mobile & desktop devices with up-to-date mobile operating system and web browser

      End-of-support mobile operating systems (OS) & web browsers are not updated with security patches – weakening your mobile & desktop (computer) devices’ resistance to attacks. Ensure that your mobile OS and web browser on your devices are up-to-date when accessing SC Online & Mobile Banking.

      SC Mobile app requires iOS 15.0 and above and Android 9.0 and above.

      SC Online Banking  requires up-to-date web browsers as below:

      . Google Chrome – Version 119 and above
      . Microsoft Edge – Version 119 and above
      . Apple Safari – Version 16.1 and above
      . Mozilla Firefox – Version 115 and above
      . Opera Desktop – Version 101 and above
      . Opera on Android – Version 78 and above

    • Deactivate SC Online / Mobile Banking using Kill Switch

      Activate Kill Switch via IVR at 1 300 888 888 or +603 7711 8888 only if you suspect that you are a victim of scam or believe key account-related details have been compromised. Learn more here.

       

      Hyperlinks

      We have removed hyperlinks in our SMSs. To avoid the risk of phishing, do not click on hyperlinks and never download apps from third-party or unknown sites. Visit our official website at www.sc.com/my or download SC Mobile App via Google Play, App Store or Huawei AppGallery to access our banking services.

Always ensure your password to log out

  • Our tips for you:
      • When logging in to Online or Mobile Banking, safeguard your login details by keeping them away from prying eyes.
      • Don’t store your username, password or account number on your mobile phone.
      • Ensure your bank account password is unique from your other passwords.
      • Never share your banking login details or One-time Passwords (OTPs) with anyone.

Update your apps and remember to log out

  • Our tips for you:
      • Start by regularly updating the apps and anti-virus software on your mobile phones, tablets and laptops.
      • Download the SC Mobile app from Google Play or the App Store – never from third-party sites.
      • When making a transaction, remember to double check the details before you press the submit button.
      • Always log out of the SC Mobile app or Online Banking session after use and never leave it running in the background.

Be aware and never share

  • Our tips for you:
      • Be careful about sharing personal information like your full name, date of birth, address, mobile or phone number. These details could be used to steal your identity.
      • Never respond to unsolicited emails, phone calls or texts. Scammers are clever at impersonating someone you trust, such as a police officer or a Bank representative.
      • Beware of payment or fund transfer requests from people you don’t know. If you are unsure, speak to someone you trust or contact us before making any payment or cash transfer.
      • Watch out for unauthorized cash deposits or withdrawals on your account, they could be fraudulent transactions.
      • If you receive a suspicious email, text or phone call allegedly from the Bank, please check the identity of the sender or caller with us immediately.

Don’t be a victim of cyber crimes and threats!

Cybersecurity

Phishing
What is phishing?

Phishing is a cyber crime where fraudsters try to obtain your personal information by email, messaging apps, SMS (also known as smishing) or phone (also known as vishing). This information can be used for identity theft, payment scams and credit card fraud as well as many other forms of cybercrime. Malicious links or attachments are often included in phishing and vishing messages, designed to steal your information or infect your system with malware (malicious software).

Bank safely with us

  • Phishing messages may appear as though they originated from the Bank. They may include our logo or even mimic our electronic mailers. Look carefully at the sender’s address for lookalike domains e.g. john@standardchartd.com.
  • Fraudsters can send you fake bank account statements, overdraft notices or loan cancellations. Never respond to unsolicited emails, messages or phone calls. To access our banking services, visit our official website at https://www.sc.com/my/.
  • For mobile banking, update your SC Mobile app and phone’s OS regularly to ensure your security is always up to date.
  • If you need to change your password, use our Online Banking login webpage. Never click on hyperlinks or download attachments in unsolicited emails or texts. Our official domains include sc.com, m.sc.com and retail.sc.com.
  • Standard Chartered will never ask you for your access code, one-time password (OTP) or credit card number. This is private information and you should never reveal these details to anyone.

Back to top>>

 

​​Weak passwords

Why do I need a strong password?

Cyber criminals comb the internet and social media to find your personal information. So ensure you have a strong password to deter them. Weak passwords are uncomplicated and commonly used, for instance 12345678, or associated with your personal data, such as names or birthdays. As a matter of fact, it only takes a fraction of a millisecond to crack an uncomplicated 7-character password1.

How you can secure your personal information?

  • Do not use the same password for multiple sites or accounts. Ensure the password used for your Standard Chartered banking account is unique from your online and social networking accounts.
  • Keep all passwords safe and confidential. Standard Chartered may verify the number of accounts you have, but we will never request your login credentials, whether by phone, email or text.
  • Strengthen your password by using a combination of upper and lower case characters, numbers and special characters. Likewise, a 12-character password is significantly stronger than 7 characters.
  • Memorise your banking password. Never write it down or store it on your devices. Additionally, make it a point to update your password regularly. Change the password immediately if you think it has been compromised.

1Web of Trust, Here’s How Long It Takes to Crack Your Password​

Back to top>>

 

​​Mobile device threats

Why you need to secure your mobile device?

Mobile devices are not immune to security threats. Installing a malicious app or clicking on a phishing link, for example, can provide cyber criminals with a back door to your mobile device and sensitive data.

Bank safely with us

  • Protect your phone and banking information by following these tips.
  • Download SC Mobile App from Google Play or the App Store. Never download the app from third-party or unknown sites.
  • Always log out from SC Mobile App after use, and never leave it running in the background especially after you have signed in.
  • Do not store your passwords, access codes or account numbers on your mobile phone. Cyber criminals can steal this information if your device is hacked or stolen.
  • Never use a ‘jailbroken’ (iOS) or ‘rooted’ (Android) device for your banking transactions. They make it easier for hackers to access and manipulate your phone’s operating system.
  • Malicious links or attachments in phishing messages are designed to steal your banking details or infect your mobile device. Never click on hyperlinks or download attachments in unsolicited emails or texts.
  • Ensure your phone’s operating system is updated regularly to fix any security gaps. Cyber criminals can exploit any software vulnerabilities to access your phone without your knowledge.​

Back to top>>

 

Malware

What is malware?

Short for ‘malicious software’, malware is an intrusive programme installed on your computer or smartphone, often without your knowledge or permission. Once installed, it enables cyber criminals to commit fraud, like steal your banking credentials, run payment scams or hijack your system for a ransom.

Understand the common types of malware

  • Virus: infects files and software, and spreads to other computers in the network
  • Spyware: spies on your online activities and collects your information
  • Ransomware: encrypts information and keeps it from you, in exchange for money
  • Trojan: disguises itself as a legitimate software to modify, destroy or steal

Bank safely with us

  • Malware can come from various sources, like fake Standard Chartered assets; including websites or emails with attachments containing malware. You can protect yourself from malware by taking these precautions.
  • Never download files (including email attachments) without verifying that they are from a legitimate source. To access our banking services or resources, visit our website at https://www.sc.com/my/.
  • Delete junk and chain emails. If you have opened one, do not click on any links or download any attachments. To change your Online Banking password, use our Online Banking login webpage. Never change it via any email links.
  • Install anti-virus and anti-malware protection on your devices. Enable the ‘automatic updates’ feature to ensure the software is able to detect and remove newer malware.
  • Never connect to unknown and unsecure Wi-Fi networks when carrying out online banking. If you are using your home network, ensure your router is secured.​

Back to top>>

 

Social media threats

Security risks on social media

Cyber criminals often use social networks to gather your personal information. This helps them craft convincing phishing texts or emails, designed to steal your identity or takeover your social and banking accounts.

Practice safe social networking

  • Be mindful of what you are sharing online as some of this information can be used to steal your identity. This includes your date of birth, address or phone number.
  • Beware of cyber criminals who use a fake identity to start a relationship with you, this is known as catfishing. Their aim is to scam you of your money once they have earned your trust. Tell-tale signs include a reluctance to meet up in person or a lack of friends on their social networking account.
  • Keep potential fraud and spam out of your regular email inbox by creating a separate email account for social networking purposes. Never click on hyperlinks or download attachments in unsolicited emails.
  • Further protect your account by using a unique password for each of your social networking profiles. Ensure it doesn’t match the password used for your Standard Chartered bank account.
  • Keep your social networking accounts private and restrict them to friends and family only. This makes it harder for cyber criminals to monitor your online activities on these platforms.​

Back to top>>

Looks suspicious? Make sure you reach out to us!

Scammers use a variety of tactics to trick potential victims into revealing sensitive information, making fraudulent payments or allowing unauthorised access to accounts. Whenever in doubt, always check semakmule.rmp.gov.my first if the bank account number is compromised.

For anything urgent (e.g., to report a suspected fraudulent transaction or any unusual activity in your account), please contact the Bank’s emergency 24-hour service hotline at +603 7849 6888 and activate Kill Switch and promptly secure your funds.

If you have received a suspicious email (phishing), call (vishing) or text message (smishing) targeting you as a customer of Standard Chartered or identified a suspicious social media account claiming to represent Standard Chartered, report it to us immediately by emailing phishing@sc.com.

In your report, please share as many details as you can to help us with our investigations e.g., sender details, attachments, screenshots and links.

To report any security issues related to our online services and applications, please contact security@sc.com.

Remember, Standard Chartered will never request for your password or security information by phone call, email or SMS.