Security and Privacy
Measures to Protect You From Scams
Rising trend of malware scams
With the rise of malware scams, scammers are applying sophisticated tactics to trick customers into downloading malware through malicious applications.
Malware finds its way into your mobile device through various ways, such as downloading unofficial apps or APK files. It is a harmful software designed to steal your information and gain unauthorised access to your mobile device.
| What happens when your mobile device is compromised by malware? | |
|---|---|
| Stealing of information | Scammers can steal sensitive information such as banking credentials and one-time passwords received via SMS or email. |
| Taking control of your device | Scammers can have remote control access over the compromised device to execute illicit financial transactions without your knowledge or consent. |
Introducing the anti-malware measure on Maybank2u Mobile Banking app
What is this anti-malware measure?
This is our security measure that will alert you if we detect any sensitive permissions granted and the presence of potential malware on your devices. This is to shield you from the risk illustrated above and provide you with a safe and secure banking experience.
How does it affect me?
Upon launching the Maybank2u Mobile Banking app, you may be prompted with the message that your access is restricted. If you see these messages, it is likely that your mobile device is exposed to potential malware risk. To safeguard your banking experience, you may need to uninstall certain apps or change the settings of your device.
Scroll below to find out the different scenarios and how to regain your access.
1. Unofficial M2U Mobile Banking App Downloaded
Why am I seeing this?
We have detected that the M2U Mobile Banking app was not downloaded from the official app store.
What should I do?
Uninstall the M2U Mobile Banking app and download from the official Google Play store.
2. Suspicious Android Package Kit (APK) File(s) Detected
Why am I seeing this?
The app(s) stated in the message was not installed from the official app store(s) and has risky permission settings which may compromise your device and your security.
e.g. An app that was transferred via ‘Smart Switch’, or an app originated from APK file that was granted permission to perform remote control over your device.
What should I do?
Uninstall the stated app and download from the official app store.
Need help locating the settings on your device? Click here.
3. Blacklisted Malware Application
Why am I seeing this?
The app(s) stated in the message was found to contain malicious software.
e.g. An app originated from APK file that was granted permission to perform remote control over your device.
What should I do?
Step 1) Disconnect your device from all connected networks (Switch off Wi-Fi & Bluetooth)
Step 2) Switch to flight mode
Step 3) Uninstall the stated app(s)
Need help locating the settings on your device? Click here.
4. Screen-sharing and/or Recording
Why am I seeing this?
We have detected an ongoing screen sharing and/or recording.
e.g. You could be sharing your mobile screen in a virtual meeting.
What should I do?
Stop the screen sharing and/or recording and relaunch the M2U Mobile Banking app.
5. Developer Mode Detected
Why am I seeing this?
We detected that the Developer mode is enabled on your device
Developer mode is a setting on Android that allows you to configure system behaviors. For Android 4.1 and lower, this option is enabled by default.
It requires extensive access over your device, and hence poses a security risk.
What should I do?
Disable the Developer mode on your device’s settings before relaunch the M2U Mobile Banking app.
Need help locating the settings on your device? Click here.
6. Accessibility Mode Detected
Why am I seeing this?
We detected that Accessibility mode is enabled in the app(s) stated in the message.
When an app has permission to Accessibility, it grants the app extensive access to your phone. Such as remote control, or reading the content of your screens.
What should I do?
Disable the Accessibility mode granted to the app(s) stated and relaunch the M2U Mobile Banking app.
Need help locating the settings on your device? Click here.
Rest assured that these security measures do not monitor nor conduct surveillance on your mobile devices, nor do they collect or store any personal data.
Nevertheless, please stay vigilant as you remain the best defence against scams. For more information, you may refer to the Anti-malware Scams FAQ and Tips to Staying Safe.
Maybank's measures to protect you from scams
Your online banking security is a priority for us and we are constantly looking for ways to keep you protected. As scams continue to evolve, we must stay alert and look out for the signs to avoid becoming a victim of one. In consultation with the Monetary Authority of Singapore, we have implemented stricter measures to lower the risks of online fraud.
Suspend digital banking access in the event of a scam or fraud
As a Maybank customer, you have the option of suspending your digital banking access immediately through the following methods:
1. Call our hotline at 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 in the main menu.
2. Login to Maybank2u Online Banking and select ‘Settings’ > ‘Security’ tab > ‘Kill Switch’.
3. Login to Maybank2u SG App and select ‘More’ > ‘Kill Switch’.
Once your digital banking access is suspended, you will no longer be able to log in to Maybank2u online or mobile banking.
To re-activate your Maybank2u online and mobile banking access, you will need to visit any of our Maybank Singapore branches with your NRIC or passport.
To bolster the security of digital banking services, we have implemented additional measures to prevent, detect and manage scam incidents. Click Frequently Asked Questions on the additional security measures to protect you against scams.
Suspend digital banking access in the event of a scam
Suspect that you’re a victim of fraud? Use one of the following methods to suspend your Maybank2u Online and mobile banking access immediately.
1. Call our hotline at 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 in the main menu.
2. Login to Maybank2u Online Banking and select ‘Settings’ > ‘Security’ tab > ‘Kill Switch’.
3. Login to Maybank2u SG App and select ‘More’ > ‘Kill Switch’.
No clickable links in emails or SMSes from Maybank
Maybank has removed all clickable links from its emails and SMSes since 31 January 2022. If you have received a message from Maybank with a clickable link, it’s likely that the message is not legitimate.
Restricted or disablement of mobile banking app when suspicious applications are detected
If suspected malware or malicious app(s) is/are detected on your mobile device, Maybank will trigger a pop-up warning message or disable your mobile banking app when you launch the M2U Mobile Banking app.
Dedicated customer service teams to assist you with fraud and scam related matters
Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 to report any unauthorised transactions made to your account(s) and lodge a police report.
Default threshold to receive transaction notifications is revised to S$100
Transaction notification alerts have been set at $100 by default for all customers. You may log into Maybank2u Online Banking to change your default transaction threshold.
Delay of at least 24 hours to activate a new Secure2u digital token on a mobile device
As a security measure, you can only use Secure2u to authenticate transactions at least 24 hours after registration. You will be able to use the physical token to complete your transactions in the meantime.
Notifications will be sent to existing registered mobile number and/or email address if there is a request to update customer’s contact details
This is a security measure to verify that you have given the instruction to the bank to update your contact details. The alert will be sent to the mobile number and/or email address registered with the bank.
Additional security protection on transactions
Maybank has introduced a cooling period to perform selected payment transactions after a new payee has been added. The bank will also send you an email alert when there is a new browser or device login to your Maybank2u Online Banking to notify you in case of any unauthorised logins.