The Bank of East Asia

Cyberbanking

While the Bank has taken steps to put in place the necessary security practices and measures to safeguard against inherent risks, such as online theft of your Cyberbanking Number / PIN or any unauthorised access to your bank accounts, due to the open nature of the Internet, you still need to follow the practices below to safeguard your usage of Cyberbanking:


A. PIN Management

1. Log in to Cyberbanking to change the PIN you received from the Bank immediately after your Cyberbanking service has been activated.
2. If you suspect that someone has tampered with the sealed envelope containing your PIN prior to receipt, please contact us immediately.
3. Do not use your personal information (such as NRIC number, passport number, telephone number, date of birth, driving licence number or name), or any simple sequence (such as 12345678 or ABCDEFGH) as your PIN and avoid using the same alphanumeric character more than once (such as 11111111 or A1A1A1A1).
4. Do not disclose your PIN to anyone. The Bank will never ask you for your PIN.
5. Do not send your PIN via email or use the same PIN to access other websites, applications or services.
6. Memorise your PIN. Do not write it down anywhere.
7. For security reasons, change your PIN regularly.
8. Change options on your browser to avoid storing your PIN on your computer.
9. Be alert to your surroundings when using Cyberbanking and make sure that no one sees you enter your PIN.
10. Change your PIN immediately if you suspect someone knows it.
11. Contact us immediately if you suspect any unauthorised access to your bank account(s) via Cyberbanking.

B. Personal Computer and Email Protection

1. Take precautions against hackers, viruses, spyware, and any other malicious software when reading emails, opening attachments, visiting unfamiliar websites, and downloading files or programs from websites. Do not open emails / email attachments from unknown sources and delete them immediately.
2. Increase the protection of the computer you use to access Cyberbanking with firewalls, anti-virus software and anti-spyware software, and update them with the latest security patches or newer versions on a regular basis. Use such protection measures to scan your computer from time to time to strengthen the security of your computer. Regularly update the operating system of your computer with the latest security patches.
3. Upgrade browsers to support 128-bit TLS encryption or a higher encryption standard.
4. Remove file and printer sharing options on your computer, especially when you have Internet access via modem, broadband connection, wireless connection, or other similar set-ups.
5. Do not install or use software or program(s) from untrustworthy or unknown sources.
6. If any suspicious screens pop up or your computer's network / traffic is unusually slow, you should log out from your internet service / account immediately and scan your computer with the most up-to-date version of your anti-virus software.
7. Limit the number of people who can use your computer and set your own password for your computer if it has this facility.
8. Disable your browser's "AutoComplete" function. On some browsers, this function remembers the data you input previously. Refer to your browser's "Help" function if necessary.
9. Disconnect from the Internet when you are not using it.
10. Make regular backup of your critical data.
11. Delete junk or chain emails.

C. Accessing Cyberbanking

1. Keep your Cyberbanking number confidential at all times and do not send account information through email.
2. Make sure that all other browsers are closed before logging in to Cyberbanking.
3. Enter the Bank's website address in the address bar of a web browser directly to access Cyberbanking.
4. Only access Cyberbanking through our website www.hkbea.com.sg.
5. Every time you log in to Cyberbanking, please verify your last login date and time as shown on the Welcome page.
6. Do not log in to Cyberbanking by clicking on any URLs or hyperlinks in SMSes, emails, search engines, or untrusted sources.
7. Confirm the legitimacy of the Bank's website by comparing the URL and the Bank's name in its site digital certificate. The website address starts with https:// and a security icon resembling a padlock or key may appear when authentication and encryption are activated. If there are mismatches in the URL and/or the name of the Bank, stop logging in and inform the Bank immediately.
8. Always log out and then close all your browsers instantly to clear the browser cache after each online session.
9. Do not leave your computer unattended while using Cyberbanking.
10. Do not use / install any software or program to access Cyberbanking.
11. Access Cyberbanking with browsers recommended by the Bank.
12. Do not use public computers or other untrusted devices to access Cyberbanking.
13. Check your bank balance and transaction history regularly. Notify the Bank immediately if you discover any errors or unauthorised transactions.
14. Review regularly and follow the security tips issued by the Bank.
15. Contact the Bank for confirmation immediately whenever a website, SMS, email or other correspondence claiming to originate from the Bank looks suspicious to you.

D. One-Time Password

1. Do not reveal the One-Time Password (OTP) generated to anyone.
2. Inform the Bank immediately if you have lost / mis-placed your phone, or if you change your mobile phone number.
3. Do not allow anyone to keep or use your mobile phone.
4. When you receive an SMS with the One-time Password (OTP), verify the accuracy of the transaction details prior to entering the OTP.

E. Other Notes

1. Check your bank statements regularly and inform the Bank immediately if you notice any suspicious or unauthorised transactions.
2. Keep your bank statements, cheque books, and other important documents in a safe place. If you want to discard any documents that contain your personal information, destroy them first.
3. Under no circumstances shall the Bank, by way of SMS, email or voice message, ask for your personal information, such as your PIN, NRIC number, passport number, date of birth, etc. Neither will we ask you to access the Bank's website by clicking hyperlinks contained in any SMSes and emails.
4. Do not disclose personal, financial or credit card information to little known or suspect websites.
5. Check a website's privacy statement and disclaimer before providing personal data there.