Security Advisory: July 2008
SMS Lucky Draw Scam

OCBC has shared with the media on 4 Jul 2008 about our experience in helping individuals who had become victims in a SMS Lucky Draw scam. Drawing from this incident, we believe that the following information is very useful in helping you to identify future scams and avoid falling prey to fraudsters.

HOW A TYPICAL SCAM WORKS

The victim would receive an SMS informing him that he has won a lucky draw organized by a well-known regional organization. When the victim calls the contact number provided in the SMS, he will be advised to open a bank account to receive the winnings.

The victim would be guided by the fraudster to apply for Internet Banking and subsequently reveal all details necessary for the fraudster to takeover the Internet Banking access. The victim has effectively given away full control of his account to the fraudster, who will subsequently login to transfer funds out of the victim’s account.

PLEASE NOTE

We would like to remind our customers and members of the public not to reveal nor allow their confidential banking details such as account numbers, access codes, PIN, etc to be shared with any third parties. Just as we should not hand the keys to our house to 3^rd parties, we should similarly not share the “keys” to our bank accounts.

You should be suspicious of all requests to disclose your confidential banking details. When in doubt, please contact the Bank immediately at known listed number and do not call the number provided by the fraudster.

ADDITIONAL INFORMATION

More details of similar scams are available as follow:-

Beware of Phone Scams!" flyer produced by the National Crime Prevention Council and the Singapore Police Force.
Crime Prevention Message from the Singapore Police Force.
The Singapore Police Force website at www.spf.gov.sg or www.cad.gov.sg .

Security Advisory: June 2008
New Phishing Email and Site Detected (June 2008)
It has been brought to our attention that there is a phishing email leading to a fraudulent website bearing an identical domain name, logo and images belonging to OCBC Bank.

If you have received an email from email accounts of service@ocbc.co.m.sg to register your account information for some security upgrade process by OCBC Bank, Do Not Respond.

We would like to remind our customers and other members of public that the official domain name of OCBC Bank is www.ocbc.com. Customers and other members of public are advised to be wary of suspicious websites bearing any resemblance to the OCBC Bank website.

If you have visited any such websites or received an email, short message service (SMS) text or instant message (IM) from an unknown party, instructing you to disclose or submit your banking details such as account numbers, usernames, passwords or credit card information online or otherwise, DO NOT respond but please alert us immediately by calling:

1800 363 3333 for individuals

1800 538 1111 for businesses.

It is not the policy of OCBC Bank or any of its related entities to send emails, short message service (SMS) texts or instant messages (IM), to request customers to provide their personal information or instructing them to perform specific transaction. This also includes directing customers to websites that does not originate from OCBC Bank.

At OCBC Bank, protecting your information has always been our priority. To learn more about our privacy and security policies, other useful information about online security and tips on protecting yourself from fraud, please visit www.ocbc.com/personal-banking/tools%20and%20info/Toi_Poc_SecPriPolicy.shtm .

Security Advisory: April 2008
Phone Scams - A Crime Prevention Message from Police
You may have come to know about a spate of phone scams that have been widely reported in the local media. Please click here to read the Crime Prevention Message from the Singapore Police Force.

More details of such scams can be found in the SPF website at www.spf.gov.sg or www.cad.gov.sg.

Security Advisory: November 2007
New Fraudulent Email Detected (November 2007)
If you have received an email from email accounts of account@obcfince.com and operation@obcfince.com to send in your account information in order to claim an inheritance left behind by a deceased relative, Do Not Respond.

Please note that under no circumstances will any of our Bank employees ever send you an email asking you to participate in the purported transaction or to ask you for your personal information. You should not respond to such emails. You can visit www.fraudwatchinternational.com/nigerian-419/ or www.cad.gov.sg/serv/pre/cri_pre_adv/419+Fraud.htm for more information.

Should you receive further suspicious emails, you should notify OCBC Bank immediately by calling:

- 1800 363 3333 for individuals
- 1800 538 1111 for businesses.

Security Advisory: August 2007

During our routine security checks on the internet, we discovered an unauthorised website bearing an identical domain name, logo and images belonging to OCBC Bank. The website has since been removed and is currently inactive.

We would like to remind our customers and other members of public that the official domain name of OCBC Bank is www.ocbc.com. Customers and other members of public are advised to be wary of suspicious websites bearing any resemblance to the OCBC Bank website.

If you have visited any such websites or received an email, short message service (SMS) text or instant message (IM) from an unknown party, instructing you to disclose or submit your banking details such as account numbers, usernames, passwords or credit card information online or otherwise, DO NOT respond but please alert us immediately by calling 1800 363 3333 for individuals and 1800 538 1111 for businesses.

It is not the policy of OCBC Bank or any of its related entities to send emails, short message service (SMS) texts or instant messages (IM), to request customers to provide their personal information or instructing them to perform specific transaction. This also includes directing customers to websites that does not originate from OCBC Bank.

At OCBC Bank, protecting your information has always been our priority. To learn more about our privacy and security policies, other useful information about online security and tips on protecting yourself from fraud, please visit www.ocbc.com/personal-banking/tools%20and%20info/Toi_Poc_SecPriPolicy.shtm.

Credit Card Security Advisory

You may have heard or read recent reports about a credit card security breach at CardSystems Solutions, Inc., a third-party processor of payments for credit and debit transactions, including Visa and MasterCard.

To protect our customers, we have already put in place measures to replace the cards of the small number of customers whose credit cards were affected.

As an additional measure, we advise our customers to be on the alert for phishing schemes relating to this security breach incident and thereafter. For security reasons, we will not send you an email or letter asking you to update or provide sensitive personal and credit card information via an email link. Please ignore such mails and DO NOT provide the information requested for. If in doubt, do contact our call centre at 1800-363 3333.

Customers are also advised to review their monthly card statements carefully. If you come across an unfamiliar transaction, please contact us at
1800-363 3333 to clarify. We assure you that the Bank will not hold our customers accountable if investigations uncover a transaction that is an unauthorized one.

If you believe you may have responded to any phishing emails or websites, please contact our call centre immediately to replace your credit card and PIN.

OCBC Bank