SECURITY AND YOU

Online Security Tips.

Your online protection.

Online Security Tips.Your online protection.

At Citibank, we constantly update our security technology to protect your privacy and confidentiality. It is important that you take the necessary measures to safeguard yourself.

Here are some of the security features and tips customers should be aware while ensuring a pleasant and secure online banking experience.

Security Alert

Mobile Malware

New variants of mobile malware targeting Android smartphones continue to appear in the Asia-Pacific region. These malicious apps often target mobile banking apps, and may attempt to steal customer credentials and perform fraudulent transactions.

In some cases, the mobile malware will attempt to circumvent the additional layer of security provided by One Time PINs (OTPs) by intercepting text messages (SMSs) or generating a fake dialogue inside the mobile banking app in order to trick a user.

Citi recommends customers remain alert for malware threats and review our Online Security Tips. Specifically, Citi suggests that all mobile users consider:

  • Only installing applications from trusted and official sources
  • Installing a reputable mobile antivirus application
  • Keeping mobile device software up-to-date
  • Being aware of the heightened risks associated with 'rooted' or 'jailbroken' devices
  • Not following any links or instructions provided from unknown or suspicious sources.

Customers who notice unusual behavior in their online banking session should immediately terminate the online banking session and contact Citi’s 24-hour Citiphone on (65) 6224 5757.


Security Alert: TINBA Malware

A new variant of the TINBA malware is targeting banks in Singapore. This malware, when installed on the victim’s PC, steals online banking credentials via fake messages and fake web pages that ask for personal information.

Citi recommends customers remain alert for malware threats and consider the following tips:

  • Malware often arrives on your PC in an email attachment. You should never open an attachment from someone you don’t know or if an email looks suspicious.
  • Malicious websites can install malware on your PC when you visit them. Never open links to webpages that you don’t recognize or that are sent from people you don’t know.
  • Install anti-virus software and make sure it is kept up to date. Anti-virus software should be configured to check for updates at least once per day.
  • Keep your PC operating system up to date.

Customers who notice unusual behavior in their online banking session should immediately terminate the online banking session and contact Citi’s 24-hour Citiphone on (65) 6224 5757.


Security alert: DYRE malware

Variants of the DYRE malware continue to target online banking customers worldwide.

DYRE, also known as Dryeza, is a malicious program used by cybercriminals to steal online banking credentials and perform fraudulent transactions. Dyre is usually spread by phishing emails containing attachments or hyperlinks that, once opened, can exploit your computer’s existing security flaws to install the malware. Once installed, DYRE can redirect websites through servers operated by criminals, allowing them to capture and alter data in real time.

Signs of a DYRE infection include:

  • Repeated requests for User ID, Password and/or One-Time PIN (OTP)
  • Changes in the appearance or procedures of online banking
  • Delays and persistent "loading" screens.

Citi recommends customers remain alert for malware threats and review our Online Security Tips.

Customers who notice unusual behavior in their online banking session should immediately terminate the online banking session and contact Citi’s 24-hour Citiphone on (65) 6224 5757.


Security alert: POODLE

A security vulnerability known as "POODLE" (Padding Oracle On Downgraded Legacy Encryption) has been discovered on the SSL3 (Secure Sockets Layer v3) used by old versions of web browsers such as Internet Explorer 6 on Microsoft XP.

SSL is used to establish an encrypted link between a website and a web browser (such as Internet Explorer) to keep the customer's credentials and transactions secure.

In view of this vulnerability, we will not be supporting older versions of web browsers as of 11th January 2015.

We recommend customers to refer to the Supported Browsers and Roles and Responsibility for steps to ensure a safe and secure online banking experience.

Features
Roles and Responsibility
Fraud
Supported Browsers
Reporting
  • The Global Online Account for global citizens.
  • Citi mobile® the way to bank