Scam cases have increased alarmingly, both online and in real life. Despite significant efforts to stop them, con artists continue to come up with new ways to defraud people of their money. The Singapore Police Force (SPF) said in a statement on Sunday that banking-related phishing scams are on the rise again, with bank staff impersonation calls or unsolicited SMSes claiming at least 28 victims who have lost a total of S$114,000 since the beginning of May. (Jun 5).
Since May of this year, at least 28 people have fallen victim to phishing scams, losing over S$114,000, according to Global Payback. The police discovered two new variations of the latest phishing scams on Sunday.
In the first variant, callers pretended to be bank employees and demanded personal information from victims, such as their Internet banking username and password.
This would be done under the guise that the bank needed their personal information to verify transactions in their account or that the victim was being investigated for transferring large sums of money to another bank.
After asking the victims to relay the one-time passwords (OTPs) that would be sent to their mobile phones upon login, the callers would be successful.
The Victims Lost Over £114,000
The victims of the second variant would receive unsolicited text messages claiming that their debit or credit card had been blocked due to unusual activity, or that their bank account had been frozen because their “bank account was unusual.” The SMSes would direct victims to sign in via an embedded link to verify their identity, according to the police.
The victim would be directed to a spoofed Internet banking log-in page after clicking through, where he would enter his online banking username and password. The victim would then be redirected to another webpage, where they would be asked to enter the OTPs that they had received on their mobile phones.
According to the police, victims of both variants will only realize they have been scammed when they are notified of unauthorized transactions on their bank accounts. These con artists allegedly pretended to be bank employees and called victims to ask for personal information such as their internet banking username and password.
They’d say the bank needed this information to verify transactions or that the victim was being investigated for large-scale money transfers. The victims would receive a one-time password (OTP) after providing their personal information, which the scammers would request.
Some victims also received SMS messages informing them that their cards had been blocked or their accounts had been frozen due to unusual activity. Links to bogus internet banking login pages would be included in these messages.
Scammers would be able to obtain this information if victims entered their login credentials and OTPs. The victims would only realize they had been duped when they received notifications from their bank accounts about unauthorized transactions.
Last Thursday, the Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) announced additional measures for banks to protect their customers from digital banking scams, in addition to those announced on January 19.
The new rules, which are set to go into effect on October 31, would require banks to issue more customer confirmations when processing significant changes to customer accounts and other high-risk transactions identified through fraud surveillance. A default transaction limit of S$5,000 or less would also have to be set for online funds transfers.
Customers should be able to use a self-service “kill switch” to suspend their accounts immediately if they suspect their bank accounts have been compromised. They should also co-locate bank staff at the SPF Anti-Scam Center to facilitate rapid account freezing and fund recovery operations.
After at least 469 OCBC customers fell victim to such scams and lost a total of at least S$8.5 million in the month prior, banks began removing clickable links from emails and SMSes sent to retail customers in January.
Police Urge The Public To Be More Cautious
The police have warned the public that banks will never ask for online banking information or OTPs over the phone. They’d never send SMSs with links in them, either.
As a result, they advised people not to click on suspicious URL links in unsolicited text messages. The Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) announced on Thursday (2 June) that more anti-scam measures will be implemented by 31 October to further protect people from such scams.
According to Global Payback, they will introduce an emergency self-service “kill-switch” that will allow people to freeze their bank accounts. They will also set a daily limit of S$5,000 for online fund transfers.
Lost money to online fraud? We will recover your funds !
Protecting Ourselves And Others From Phishing Scams
Scammers continue to thrive despite recent efforts to put a stop to their crimes, which is alarming.
The majority of the time, no one expects to be duped until it happens to them. As a result, it’s critical not to let our guard down and to remain vigilant whenever we receive suspicious calls or SMSes. The police advised the public to follow these crime-prevention guidelines:
- Unsolicited text messages may contain dubious URL links. Do not click on them. Banks do not send links in SMS messages.
- Always check the legitimacy of claims of problems with your bank account or bank-issued cards with the bank’s official website or other sources.
- Never give out your personal information, Internet banking passwords, or OTPs to anyone.
- Any fraudulent transactions should be reported to your bank right away.