We have received information pertaining to an increase in activity of the DYRE malware (with its associated variants) targeting Singapore online banking customers.

DYRE is a new class of malware targeting online banking that has been active since last year. You will typically receive a phishing email that contains malicious attachments, and if you open the infected email and attachment then the malware will be installed on your computer. DYRE will then be able to act as a man-in-the-browser, with the capability to intercept browser traffic between your computer and your bank. DYRE has the capability to steal your online banking credentials, and to inject new screens into your online banking session to trick you into providing personal information such as usernames, passwords, credit card details, PINs and one time passwords.

Standard Chartered recommends that all customers be on the alert for any irregularities during your online banking session. Suspicious activity would include any altered login flow, popup pages requesting personal or credit card data, redirection to a 3rd party website offering hotline number, and unsolicited requests for token one time passwords. Upon detecting any of these irregularities it is recommended to terminate your online banking session and immediately inform your bank. In addition, you should never open suspicious emails and attachments, you should always keep your anti-virus software up to date and always follow these best practice Security Tips.