THE big local banks - DBS, OCBC and UOB - have once again been targeted by the latest trojan horse computer program, which tricks customers into revealing their Internet banking passwords.
Late last month, banks were alerted to the trojan, which could gain scammers access to customers' accounts.
UOB Bank warned on its website that scammers may be able to 'make unauthorised funds transfers within a short period of time'.
DBS Bank had reportedly more than a million Internet banking customers as of last month. The other two banks declined to reveal how many they had.
The three banks last came under attack by trojans - computer programs infiltrating users' computers - in December, but this latest incarnation can steal Internet banking log-in information even before the bank's website can encrypt it.
What happens: At the log-in page, which resembles the real Web page in nearly every aspect, customers will be prompted to enter a third field besides the usual user name and PIN fields - a one-time generated PIN from the bank.
The browser will appear to hang, and the customer is prompted to re-enter the log-in information multiple times, when the trojan will grab it.
On the real site, the customer is prompted for the one-time PIN only after getting past the user name and PIN stage.
Scammers can sell the account information to other hackers at cyber crime forums to use for mischief, said a spokesman from Web security firm Trendlabs.
Not all banking customers will encounter the trojan, only those whose computers are infected.
Trendlabs advises users to 'refrain from visiting malicious websites, and opening suspicious links on e-mail, which is usually the source of these types of malware'.
This trojan creates a false sense of security, as even users who bookmark their bank sites are not safe. When they click on the bookmarked link or type out the Web address, the trojan simply re-directs them to the fake site.
The banks advise customers to update their anti-virus software regularly. If they encounter the trojan, they should call the customer service hotline immediately, and the compromised account will be blocked.
