Four Pillars of Safe Digital Banking
Follow these essential practices to protect your accounts, cards, and personal information from cybercriminals.
Protect Your Banking Credentials
Your OTP, PIN, password, CVV, and card number are strictly personal. These details are the keys to your account — guard them at all times.
- Never share credentials with anyone, including people claiming to be bank staff
- Change your password regularly and use unique, strong combinations
- Never write your PIN on your card or nearby paper
- UCB will never request these details through any channel
Recognize and Avoid Digital Fraud
Cybercriminals use urgency, fake rewards, and deceptive messages to steal your information. Learn to spot warning signs before you act.
- Be cautious of messages creating unusual urgency or pressure
- Do not click unfamiliar links in SMS, email, or social media
- Refuse requests to install software or share your screen
- Verify unsolicited calls by calling UCB directly at 16419
Use Digital Banking Securely
Access your accounts only through official UCB platforms. The security of your device and network directly impacts your account's safety.
- Always use the official UCB app or website (www.ucb.com.bd)
- Keep your device OS and apps fully updated at all times
- Download apps only from Google Play or Apple App Store
- Never use public or unsecured Wi-Fi for any banking activity
- Avoid using rooted or jailbroken devices for banking
Protect Your Cards and Payments
Physical card security is just as important as digital. A moment's inattention at an ATM or POS terminal can lead to fraud.
- Shield the keypad with your hand when entering your PIN
- Never hand your card to anyone out of your direct sight
- Receiving money never requires sharing an OTP or scanning a QR code
- Review account statements and transaction alerts regularly
- Report a lost or suspicious transaction immediately
Debit & Credit Card Safety Guide
UCB aligns with Payment Card Industry Data Security Standards to protect every transaction you make.
ATM & POS Safety: If you have any doubt about the authenticity of an ATM or POS machine, do not use it. Inspect the machine for any abnormalities or unusual attachments before inserting your card.
- Stay Alert: Register for SMS and email alerts for all transactions. Report any discrepancies to UCB immediately.
- Update Your Details: Keep your mobile number and email current. Notify UCB of any changes immediately.
- Safeguard Your PIN: Memorise your PIN and change it regularly. Destroy any written record of your PIN.
- Verify Your Card: Always ensure the card returned to you after a transaction is genuinely yours.
- Monitor Transactions: Insist your card is swiped in your presence at merchant outlets. Always cover your PIN entry.
- Check Notifications: After each transaction, verify the amount through the alert you receive.
- Immediate Reporting: Contact UCB at once if your card is lost or your details may be compromised.
- Keep Customer Care Handy: Save 16419 in your phone for quick access in any emergency.
- Guard Your Card: Never hand over your card to anyone, even someone claiming to be from UCB or another bank.
- Keep Personal Info Private: Never share your card details, PIN, OTP, or CVV with anyone. UCB will never ask for these.
- Avoid Public Wi-Fi: Never use unsecured or public Wi-Fi networks for online banking or shopping.
- Refuse Help at ATMs: Never accept assistance from strangers at an ATM. Contact UCB directly if in doubt.
- Ignore Suspicious Messages: Do not respond to unexpected calls, SMS, or emails asking for your personal details.
Card Skimming Warning: Skimming devices are illegally installed inside ATMs or POS machines to copy data from a card's magnetic stripe. This data is transferred to a blank card and used to make fraudulent purchases or cash withdrawals. Always inspect ATM and POS machines for unusual attachments before use, and always cover the keypad while entering your PIN.
Common Fraud Patterns to Watch For
Fraudsters are increasingly sophisticated — including with the use of AI. Understanding how they operate is your first line of defence.
Call Centre Fraud
Calls from someone claiming to be UCB or a government official, creating urgency about a frozen account, unpaid fine, or prize. They ask for your OTP, PIN, or card number. Hang up immediately. UCB never calls to request credentials.
SMS Phishing
Fake SMS messages appearing to come from UCB or trusted brands, containing urgent alerts or prize notifications with links leading to fraudulent websites designed to steal your credentials.
Email Phishing
Emails mimicking UCB communications asking you to confirm your account or update your details via a link. Always check the sender's full address. Access ucb.com.bd directly — never through an email link.
QR Code Phishing
Scammers ask you to scan a QR code to "receive" a payment or verify your account. Scanning unknown codes can redirect you to malicious sites or initiate unauthorized transactions. Never scan QR codes from unknown sources.
Fake Video & Voice
AI tools (including video generators) can create convincing fake videos or voice recordings of trusted people — such as a manager instructing you to transfer money to a new account. Always verify through official UCB channels.
Fake AI Chatbots
A fraudulent customer service chatbot on a fake website may try to collect your personal details or account information by pretending to assist you. Only interact with support through the official UCB app and www.ucb.com.bd.
UCB Will Never Ask for Your Sensitive Information — Through Any Channel
UCB officials will never ask for your OTP, PIN, password, CVV, or full card details through phone calls, SMS, email, social media, links, or any other channel. Do not share such information with anyone under any circumstance.
Always verify the authenticity of any link before clicking. Fraudulent links may closely mimic UCB's official website address. When in doubt, type www.ucb.com.bd directly into your browser.
How a Phishing Attack Works
Understanding the anatomy of a fraud attempt helps you identify and stop it at any stage.
A typical scam moves through these stages — learn where to break the chain.
Fraudster Targets You
Scammer collects your phone number, email or social profile
Fake Message Sent
SMS, email, WhatsApp or call mimicking UCB or a trusted brand
Urgency Created
"Your account is blocked" or "You won a prize — act now!"
Fake Link or Call
You are directed to a fraudulent website or kept on the phone
Credentials Stolen
OTP, PIN, password or card details are captured by the scammer
Account Drained
Fraudulent transfers or purchases are made from your account
If you comply
Sharing OTP, PIN or clicking fake links gives fraudsters direct access to your account — funds can be transferred within minutes.
If you stay alert
Hang up, delete the message, and call UCB at 16419 to verify. Never share credentials — UCB will never ask for them.
How fraudsters approach, manipulate, and steal — and where you can stop them.
You Receive an Unexpected Message or Call
A call, SMS, email, or social media message arrives claiming to be from UCB, a government body, or a prize authority. The message appears legitimate — official-looking logos, bank names, or even your own name may be used.
Stop here: UCB will never call you asking for credentials.A Sense of Urgency is Created
You are told your account has been suspended, a fine is due, a prize must be claimed immediately, or an unauthorized transaction is happening. The goal is to make you act without thinking clearly.
Stop here: Pause. Genuine UCB alerts do not demand immediate credential sharing.You Are Directed to a Fraudulent Website or App
A link is shared that looks almost identical to www.ucb.com.bd — perhaps "ucb-secure.com" or "ucb-verify.net." Alternatively, you may be asked to download an app from outside the official app stores.
Stop here: Only access www.ucb.com.bd directly. Only install apps from Google Play or the App Store.Your OTP, PIN, or Password is Captured
On the fake website or during the call, you enter — or are asked to verbally share — your OTP, PIN, password, CVV, or full card number. The fraudster now has everything they need to access your account.
Never share these. UCB will NEVER ask for your OTP, PIN or password through any channel.Unauthorized Transactions Are Made
Within minutes of obtaining your credentials, the fraudster transfers funds, makes purchases, or takes over your account entirely. Recovery becomes difficult once transfers are completed.
If this happens: Call 16419 immediately to block your account and report the fraud.Stay Informed, Stay Safe
You can stop this journey at any stage — by not responding to unsolicited messages, not clicking unverified links, not downloading apps from unofficial sources, and never sharing your credentials with anyone.
Report any suspicion immediately: Call 16419Download Only the Official UCB App
Your safety starts with using genuine, verified software. Always download the UCB app from official stores only.
The Official UCBOne Mobile Banking App
The UCB mobile app is the only secure, verified channel for your digital banking. Fake apps distributed through WhatsApp messages, third-party sites, or APK links may look identical — but steal your credentials instantly upon login.
Only download from Google Play Store or Apple App Store — never from links sent via SMS, WhatsApp, or email.
Verify the publisher — the official app is published by United Commercial Bank PLC. Check the developer name before installing.
Enable auto-updates so your app always has the latest security patches and fraud protection features.
Enable biometric login (fingerprint or face recognition) in the app for an extra layer of account security.
What To Do If You Are Scammed
Act quickly. Every minute counts when your account may be at risk. Follow these steps immediately.
Block Your Card & Account
Contact UCB at 16419 immediately to block your card or freeze your account before further unauthorised transactions occur.
Call 16419 Immediately
Report the incident to UCB Customer Care. Our team will guide you through securing your account and initiating a fraud investigation.
Change Your Password
Immediately change your UCB online banking password, mobile app PIN, and any other account credentials that may have been compromised.
Report Suspicious Transactions
Review your recent transaction history carefully and report any unauthorised activity to UCB in writing with full transaction details.
Preserve All Evidence
Take and save screenshots of suspicious SMS messages, call logs, emails, or any communications received from the fraudster as evidence.
Secure Your UCBOne Mobile Banking
Your smartphone is your banking branch — protect it with the same care you would a physical branch visit.
Enable Screen Lock & Biometrics
Always use a strong screen lock — PIN, pattern, fingerprint, or face recognition — on your device. Enable biometric authentication within the UCB app for an added layer of security.
Avoid Unknown APK Downloads
Never download the UCB app or any banking-related app from unofficial sources or third-party APK sites. Only install apps from the Google Play Store or Apple App Store.
Deny Screen-Sharing Requests
During any customer support call, do not allow anyone to install screen-sharing or remote access applications (such as AnyDesk or TeamViewer). UCB support will never require screen access.
Keep Your App Updated
Always keep the UCB mobile app updated to the latest version. Updates contain important security patches that protect against newly discovered vulnerabilities.
Essential Security Habits
Small, consistent habits make a significant difference in keeping your digital life secure.
Update Your Browser & Mobile App
Modern browser versions include protection against fake and malicious websites. Keep your UCB mobile app updated for the latest security patches.
Keep Software Updated
Updated software is significantly harder for viruses and malware to exploit.
Guard Private Info
Review privacy settings on social networks — limit what you share publicly.
Secure Paper Records
Shred bank statements and documents containing personal or financial details.
Use Strong Passwords
Use unique, complex passwords for each account. Consider a trusted password manager.
Enable 2FA
Where available, enable two-factor authentication for an extra layer of account security.
Frequently Asked Questions
Understand how UCB's security infrastructure protects you during every online banking session.
When you log in to UCB online banking, your browser establishes a secure, encrypted session using SSL (Secure Sockets Layer) protocol. You authenticate with your User ID and customized password, and the UCB server verifies these credentials before granting access and initiating session encryption.
Once the secure session is established, your transaction data is processed through UCB's internal protected systems. A series of firewalls and filtering routers prevent any unauthorized external user from accessing the bank's internal network or your data.
The internet is inherently an open, public network — millions of computers form interconnected pathways through which your data travels. During this routing process, data may pass through multiple intermediary systems, each representing a potential point of interception.
Without strong security, financial data is vulnerable to three core threats:
- Eavesdropping — unauthorised parties listening to or copying private data in transit
- Manipulation — data being altered by an intermediary without your knowledge
- Impersonation — a party communicating under false identity (either as you, or as UCB)
SSL (Secure Sockets Layer) counters the three core internet security threats through three mechanisms:
- Encryption — scrambles your data so eavesdroppers cannot read it
- Data integrity — ensures data cannot be altered in transit without detection
- Authentication — verifies that you are communicating with the real UCB server, not an impersonator
UCB uses 128-bit encryption — one of the strongest commercially available standards. The encryption for each session is independent, so breaking one message provides no advantage in decrypting others. Verify SSL is active when your browser shows https:// and a padlock icon.
Two clear indicators confirm a secure, encrypted connection:
- The address bar shows
https://(nothttp://) - A padlock icon appears in your browser's address bar
If either indicator is missing when you believe you are on the UCB website, do not proceed. Close the browser and type www.ucb.com.bd directly into the address bar — never click a link sent to you.
No. UCB's security protocols enhance your browsing experience without limiting access capabilities. Security measures affect only the transmission of data — not your ability to read, save, or interact with content on the site. The SSL protocol operates invisibly beneath standard web protocols, providing continuous protection without interrupting your experience.
How UCB Protects You
UCB employs multiple layers of enterprise-grade security technology to safeguard every transaction you make.
128-Bit Encryption
The highest commercially available encryption standard secures all data transmitted between your device and UCB's servers.
Multi-Layer Firewalls
Filtering routers and firewalls separate the public internet from UCB's internal network, blocking all unauthorized access attempts.
SSL Authentication
RSA public key cryptography with ISO X.509 digital certificates verifies you are always connecting to the genuine UCB server.
Activity Monitoring
All sessions — logins, logouts, and access attempts — are logged and monitored in real time to detect and respond to suspicious activity rapidly.
Session Authentication
Every session is independently authenticated with your User ID and password, with session encryption initiated upon successful verification.
Secure Routing
Internal transaction processing systems are completely isolated from the internet, accessible only through UCB's secure internal protocols.
Report Fraud or Suspicious Activity
If you suspect fraud, receive a suspicious message, or believe your account has been compromised — contact UCB immediately through our official channels below.
+88 096 999 16419
Disclaimer: This page is provided for customer awareness and educational purposes only. Customers should rely exclusively on official UCB communication channels and independently verify any security-related request before taking action. UCB will never initiate contact to request your OTP, PIN, password, or card details through any channel.