[Malware Attack Warning]
Malware Attack Targeting Shinsei PowerDirect (Internet banking) Logins

On Monday, August 19, 2013, Shinsei Bank received reports of a possible malware attack, where infected computers accessing Shinsei Bank's PowerDirect website will prompt customers to enter more values than normal from their Security Code Cards when trying to login (customers are prompted more than three entries).

Shinsei Bank's PowerDirect will never prompt customers to enter more than three values from their Security Code Cards when logging in. Furthermore Shinsei Bank will never ask customers to enter their confidential information via a popup window.

In the event that any customer encounters a suspicious website, please do not enter any information and call our call center, Shinsei PowerCall, toll-free at 0120-456-022 to report the website and to address the issue (See "Addressing the malware attack" at the bottom of this page).

Malware Generated Website Reported on Monday, August 19

Malware infected computers visiting the Shinsei Bank PowerDirect website will display a greater than normal number of fields for customers to enter values into from their Security Code Cards. In some cases an error message was displayed in the form of a popup window followed by the previously mentioned altered website.
Only the following information will be requested when logging into Shinsei Bank PowerDirect:

First Login Page

  • Branch code (3 digits)
  • Account number (7 digits)
  • PIN
  • PowerDirect password

Second Login Page

  • Three values from Security Code Card

NG Malware Generated Website

Displaying 35 entry fields for Security Code Card values

NG Malware Generated Website

OK Real PowerDirect Website

Displaying 3 entry fields for Security Code Card values

OK Real PowerDirect Website

Addressing the Malware Attack

Those encountering a suspicious screen at Shinsei PowerDirect and other Internet banking services are requested to follow the procedures described below to ensure the security of their account as there is a possibility the PC being used to access the site is infected with a virus, spyware, or other malware.

Malware Webpage Encountered, but NO Information Entered

  1. 1. Update the security software you use to remove a virus.

In case that security software is not employed, inquire to the customer service center of your PC manufacturer.

  1. 2. Update the OS (e.g. Windows) for the latest version.

Additional Steps to Take if Malware Webpage Encountered and Information Entered

  1. 3. Change PIN and Password.

Call our call center, Shinsei PowerCall at 0120-456-272.

  1. 4. Replace your Security Code Card.

Call our call center, Shinsei PowerCall at 0120-456-022. When connected, press *1 on your keypad to directly reach an operator and inform that the PC may be infected with a virus. Shinsei PowerDirect services will be suspended until the Bank is informed of arrival of Security Code Card from customers.

Shinsei Bank employs various security measures to ensure the safety and security of our customers, and we would like to request the cooperation of customers in taking appropriate security measures when using Internet banking to help protect their accounts. Please click on the links below for specific internet security measures.

Augsut 2013
Shinsei Bank

Close