Security Tips

Fraud Awareness

In order to protect customer from fraud, we advise our customers to be cautious when conducting all banking transactions such as:

  1. Do not submit pre-signed blank form.
  2. Do not give your debit card to anyone.
  3. Do not inform your PIN or password to anyone.
  4. Regularly change your PIN or password.
  5. Immediately report lost or stolen ATM card, saving book, PIN or password to the Bank.
  6. Actively monitor transaction and monthly bank statement or saving book.
  7. Immediately report suspicious financial transaction conducted by unauthorized person to the nearest branch or via email
  8. Immediately inform the Bank on any personal data changes.
Security tips icon

Be aware of Fraud on behalf of Hana Bank

  • Hana Bankadvises to customers NOT TO SERVE ANY REQUEST via SMS, Whatsapp, Telephone or other if suspicious.
  • If the Customer does NOT do an online transaction, however receiving a Short Message Service ("SMS") security / authentication / authorization code on behalf of Hana Bank, captured the message immediately as an evidence that can be reported and PLEASE DO NOT RESPONSE the message because it is a FRAUD attempt.
  • DO NOT INFORM the Card Verification Value ("CVV") number (3 digits on the back of debit card) & the One Time Password Authentication / Authorization Code ("OTP") to anyone
  • Hana Bank never asks for cash, data or other personal information related to the customer's account.
Security tips icon

Know Online Threats

The first steps in avoiding threats is knowing what to look for and how to protect against them

Security tips icon


Phishing is a technique that has been used since the beginning of email communications. Cyber criminals create emails that appeal for help with disasters such as floods or earthquakes, or that promise great financial deals or opportunities. They may also target your hobbies or business relationships to encourage you to click a link that downloads malicious software. Sometimes there is a request for banking account or other personal information and other times there is a request that you download or click on a file.

Security tips icon

Spear Phishing

Spear phishing is the next evolution of phishing and uses many of the tactics of both phishing and social engineering. Cyber criminals know that if they include the right number of specific details about you in their spear phishing email, you are more likely to read it and potentially click or reply. Spear phishers get their information from various sources: by stealing Internal Personal Identifiable Information (PI, or – more commonly – by viewing your profile on social media sites, such as Facebook and LinkedIn. The information you freely post on the internet can easily be used to create a convincing spear phishing email.

Security tips icon


Smishing stands for SMS phishing. SMS is a text-messaging service component of most telephone, Internet and mobile device systems. Smishing is the texting version of phishing, or a text scam. Smishing is when someone tries to trick you into giving them your private information via a text or SMS message.

Security tips icon

Voice Phishing

Some social engineers will attempt to gain access to information over the phone (sometimes referred to as “vishing”). It’s the fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable companies to induce individuals to reveal personal information such as bank details and debit/credit card numbers.

Security tips icon


Malicious code (or malware) is any kind of software or code specifically designed to exploit a computer or mobile devices and the data it contains without consent by causing damage or gaining unauthorized access. It can also include web scripts which may be used to upload malware through exploiting a vulnerability. You could be downloading malware just by going to a website. Examples of malware include viruses, trojan horses, worms, and spyware.

Security tips icon

SIM Replacement Fraud

SIM replacement fraud is when a cyber-criminal obtains your name and mobile phone number and requests your mobile operator for a replacement SIM card by pretending to be you – claiming loss or malfunction of SIM. The mobile service provider deactivates your existing SIM and issues a new one. The cybercriminal now receives all confidential bank notifications, including OTPs.

How to Protect from Online Threats

  • Always be suspicious of emails from unknown senders, especially if they have attachments, calendar invites, or links, or prompt you to download images or content.
  • NEVER click on a link from an external source you cannot trust. This is the most common way to download malware. This includes emails that have been forwarded to you.
  • Pay attention to the URL of website and email addresses (not display names). Malicious websites or addresses may look identical to a legitimate site/address, but may use a variation in spelling (e.g., or different domain (e.g., vs .net)
  • DO NOT click on links or attachments / calendar invites from a sender you cannot trust.
  • NEVER download images / pictures or “enable content” from an unknown senders.If the email contains many grammatical errors, it typically is a phishing email.
  • DO NOT reveal personal or financial information in emails and do not respond to email solicitations for this information.
  • NEVER open an attachment if the sender has attempted to send different types of attachments multiple times without success. Be suspicious of senders who deviate from their usual method of transmission.
  • If you are unsure whether an email request is legitimate, try to verify it by contacting the company or sender directly. DO NOT use contact information provided in the email you received;
  • NEVER inform your personal identity and/or OTP (One Time Password) you received to any person who try to contact you by call.
  • Secure your mobile device using a password
  • If your phone is displaying a “SIM not registered” or a similar message, call or visit your mobile operator immediately
  • Contact your mobile operator immediately if you stop receiving calls or texts for unknown reasons
Immediately contact CALL Hana 1-500-021, if you have already made a suspicious online transaction.

ATM Fraud and Card Fraud

ATM Fraud

Your ATM Card Information can be stolen while you are at the ATM.

  1. Tampering with the card reader to trap the card.
  2. Looking over your shoulder to observe your PIN.
  3. Installing a false keypad to capture your PIN.

Stay protected with these tips:

  • Be wary of people around you at the ATM.
  • Ensure the machines has not been tampered with.
  • Cover the keypad when keying in your PIN.
  • Shred and discard your receipts.
Security tips icon

Card Fraud

The use of cards for unauthorized of unlawful transactions.

  1. Use of lost or stolen card to make purchases.
  2. Use of skimming device to duplicate card details to create a counterfeit card.
  3. Online transaction using card number, expiry date and CVV number.
  4. Impersonating bank or phone companies to obtain your card details.

Stay protected with these tips:

  • Never share your card details with anyone.
  • Keep your card in sight when making payments over a counter and ensure the correct card is returned to you.
  • Check your card statement for unknown transaction.
  • Shred and discard card statement, receipts, and old expired cards.
Security tips icon
Immediately contact CALL Hana 1-500-021, if there is a suspicious transaction.

KEB Hana Bank

Credit Card Discount Promotion Details

NOTE: Depending on Merchant/Store circumstances Discount Offers are subject to change at any time without prior written notice.


KEB Hana Bank

Hana Bank