Protection against fraud and malware
Warning: Beware of fraudulent applications and malware downloads on mobile phones / tablets / portable devices
Customers should take caution with downloads of any freeware and with any SMS containing links (URLs) that lead to application downloads on mobile phones / tablets / portable devices. Currently, fraudsters steal customers’ personal information, deposit account data, usernames and passwords via phishing websites or fraudulent applications, which can intercept the OTP code sent by banks via SMS to customers’ mobile phones / tablets / portable devices and redirect it to the fraudsters’ numbers to complete fraudulent transactions.
Two Steps of Internet Banking Fraud and Simple Guidelines for Efficient Prevention
  • Step 1: Fraudsters steal your personal information

    Approach 1: Trick you into installing Trojan / spyware and steal your personal information

    Prevention measures
    Most malware arrives through emails or SMS messages in various forms. Therefore, do not open or click any suspicious links. Most importantly, only use Internet banking services on mobile phones / tablets / portable devices that are protected with the latest version of anti-virus / anti-Trojan programs.


    Approach 2: Trick you into filling in your personal information on phishing websites

    Prevention measures
    Most of these frauds take the form of links sent by email or SMS. Therefore, do not open or click any suspicious links. If you encounter a suspicious website, do not give any personal information.
    If you detect any irregularities, please contact Krungsri Call Center 1572 for further information, available 24 hours a day.

    Example
    A phishing website luring you into entering your username and password. Phishing websites mostly contain messages like “To ensure your safety, please enter your username and password to confirm your identity; otherwise, your subscription to our service will be terminated.” Some customers may panic and give away their information immediately.

    Differences between Krungsri Online website and phishing website

    The Krungsri Online website is encrypted for customer security. Notice the “https” or the “lock” icon in the URL.

    The phishing website is not encrypted. Notice the “http” without the “s” and the absence of the “lock” icon.



    The Bank strongly recommends that any customers whose Internet banking username and password match those of other applications, such as personal email, or whose password contains their date of birth, mobile phone number and the like, change the password. It is also highly recommended that customers use a different password for Internet banking than for other applications, so that if information is stolen, fraudsters cannot also gain access to personal data in other systems.

  • Step 2: After stealing the username and password

    After stealing the username and password, fraudsters will steal the OTP code to complete fraudulent transactions.


    Because the OTP code sent to mobile phones / tablets / portable devices is not easy to copy, personal information, including the username and password, was safe from fraudulent financial transactions because fraudsters could not obtain the OTP code.

    Prevention measures

    Do not record your username and password or use the “Remember password” function on mobile phones / tablets / computer devices.

    Set a lock password on your mobile phone to protect the personal information stored on it.

    Upon receiving the OTP code via SMS on your mobile phone / tablet / portable device, please check the given reference number to ensure it matches that of the transaction shown on screen. If you discover any irregularities, please contact Krungsri Call Center 1572, available 24 hours a day.

  • New kind of theft through applications on iOS and Android smartphones

    As mentioned earlier, the OTP code sent via SMS to your mobile phone is difficult to steal. As such, fraudsters developed Trojan malware to intercept the SMS, delete it from your mobile phone / tablet / portable device and redirect it to the fraudsters. Hence, you may never see the SMS at all. For this type of crime, fraudsters usually send an SMS or other message to your mobile phone / tablet containing links that trick you into installing the application on your device.


    Always download applications only from the App Store or Google Play. If you wish to download the Krungsri application, make sure that the developer name is “Bank of Ayudhya Public Company” as seen in the examples.


    It is strongly recommended that customers avoid “jailbreaking” or “rooting” their smartphones, as doing so incurs risks of fraud and customers may be liable for any damages. Ensure that the applications you download from Google Play are the correct ones, because Google Play is an open space where fraudsters may plant their malware.

    Conclusion

    For the safety of your financial transactions via mobile phones / tablets / computers, the Bank recommends the following:


    • Avoid clicking any links (URLs) in any SMS or email containing deceitful messages that demand personal information, deposit account information, or the password used to enter financial transaction systems.
    • Avoid downloading or installing any programs or freeware from unreliable sources.
    • Avoid making transactions through devices with a modified operating system (iOS devices that have been “jailbroken” or Android devices that have been “rooted”).
    • Avoid connecting to public Wi-Fi when making transactions, as it incurs the risk of theft of personal information, account information, and the password used to enter financial transaction systems.
    • Install an anti-virus application on mobile phones / tablets / computers, especially those used for the Internet Banking service.

    The Bank hereby confirms that it has no policy of sending SMS or emails asking customers to download or install any programs / applications, or to re-confirm any personal information, account information, or the password used to enter the Bank’s financial transaction systems. Therefore, if you receive any communication of the described nature, or have clicked any link to download a suspicious program, please contact bank officers immediately.