Website, Email and Online Scams

Website, Email and Online Scams


It has been brought to AFFINBANK attention that names/ particulars of directors, senior management, staff of the Bank, bank corporate address, bank logo and 'almost similar' website addresses of the Bank are being misused in various forms of communication including direct mail scams, email scams and dubious schemes involving but not limited to invitation to participate in non-existent fund transfers, inheritance fraud, 'black money' scams, transfers of funds from fraudulent and fictitious accounts with intention to cheat.

We wish to inform that the Bank shall not be responsible for any damages/ losses suffered by any party or parties relying or acting upon the contents of such emails and dubious schemes or websites belonging to cyber-squatters.

The information furnished herein is by no means exhaustive as it is based on cases received by Affin Bank Berhad and Affin Islamic Bank Berhad.


How to identify a scam

It ussually contains

  • Logins via email links to fictitious sites
  • Promises of money for little or no effort
  • Deals that sound too good to be true
    • inheritance claim or contest prize money of an exorbitant fund worth millions of US Dollars
  • Online application forms for account opening/ claims carrying a tampered logo of the Bank
    • victims will be required to complete the online forms providing their personal and financial information
  • Victims will be requested to pay a transfer fee worth several thousands of US Dollars before the inheritance funds or prize money promised could be transferred to their accounts. To effect the transfer, the beneficiary name, account number, Bank where the account is maintained, Bank address and Bank Swift Code will be furnished
  • Steps to login to an account set up for the victim online wherein the Personal ID, Access PIN and Activation Code will be furnished
    • Affin Bank Berhad will not provide ID/ passwords to customers. Customers have to obtain the password at either our ATMs or Branch. The Bank also does not have any activation code. We use the Transaction Authorization Code (TAC) for every transaction.
  • Private email addresses and mobile phone numbers of purported employees
  • Email addresses that does not belong to Affin Bank Berhad
  • Mailing addresses that does not belong to Affin Bank Berhad
  • Alert messages and threats of account closures if no claim is made


List of some dubious domains reported in the last 6 months (list will be updated from time to time) - for reference only


Steps to be taken for protection

  1. Never access the Bank’s website from attachments or links in an email. Type the Bank’s correct address or manually at the address bar or bookmark the link.
  2. Do not provide any personal or financial information to an unsolicited request.
  3. Even if you have reasons to believe that the contact may be genuine, you are encouraged to contact the Bank to confirm.
  4. Do not disclose your passwords, PIN number and/ or credit card number without proper verification that the communication is made over a trusted and genuine website/ channel.


If you have fallen victim to a phishing attack, you may take these steps to minimize any damage:

  1. Change the passwords or PINs of all your online accounts that may have been compromised.
  2. Alert the Bank immediately via the following:
    • By phone to the Call Centre at 03-5522 3000 or Careline at 1 800 88 3883
    • By email to
    • By completing the Online Feedback Form
  3. If you know of any accounts that were accessed or opened fraudulently, arrange to close these accounts by approaching the Bank’s Branches.
  4. Lodge a police report where applicable for further investigation to be carried-out.
Please be alert for such scams and highlight the same to upon being aware of the same.

Retail Internet Banking

Corporate Internet Banking

Contact Us

Contact Centre
03-8230 2222

Tariff Charges insert_drive_file
Rates attach_money
Calculator phonelink_ring