The Police would like to alert the public to phishing scams where scammers would impersonate banks by:
- Sending spoofed emails and claiming to be conducting surveys via email;
- Sending spoofed SMSes promoting a banking product e.g. fixed deposit promotions; or
- Video calling victims with a bank’s logo as a backdrop.
In the first variant, victims would receive a spoofed email from a sender who would claim to be from a bank. The email would indicate that the victims have been selected to participate in a survey and would receive a cash reward upon completion of the survey. After clicking on the URL embedded within the email, the victims would be redirected to a phishing website to complete the survey. Upon completion of the survey, the victims would be instructed to provide their credit/debit card details and One-Time Password (OTP). Believing that the information was required to process the cash reward, the victims would provide the details requested by the website. Victims would only realise that they have been scammed when they discovered unauthorised transactions made using their credit/debit card.
In the second variant, victims would receive spoofed SMSes from senders purportedly sent from the banks. The SMSes would include embedded spoofed links or numbers that the victims could contact to find out more about an ongoing banking promotion (e.g. fixed deposit or high interest rate savings promotions). After clicking on the spoofed links, victims would be redirected to a phishing website where they would be instructed to provide their credit/debit card details and One-Time Password (OTP). In some cases where victims called the number indicated, the scammer would impersonate a bank personnel and ask victims to transfer funds to a specific account number, claiming that this was the new account that they had opened for the victim as part of the promotion.
In the third variant, victims would receive an unsolicited video call via messaging applications such as WhatsApp. Victims would subsequently speak to callers who would claim to be from a bank, who would inform them that unauthorised access to their bank account was detected. Under the pretext of assisting to resolve the issue, the caller would request for victims’ personal particulars and bank login details. Victims would only realise that they have been scammed when they discovered unauthorised transactions in their bank account.
Members of the public are advised on the following crime prevention measures:
- Please note that the banks do not send retail customers emails and SMSes that contain clickable links;
- Always verify the email address of the sender to ensure that it matches the company that it is representing;
- Always verify the authenticity of the information with official sources by contacting the bank directly;
- Never disclose your personal particulars, bank login details, credit/debit card details and OTP to anyone;
- Always check the merchant indicated within the OTP SMS received. Never input the OTP if you do not recognise the merchant in the SMS; and
- Report any fraudulent activity in your bank account to your bank immediately.
If you have any information relating to such crimes, please call the Police Hotline at 1800-255-0000, or submit it online at www.police.gov.sg/iwitness. If you require urgent Police assistance, please dial ‘999’.
For more information on scams, members of the public can visit www.scamalert.sg or call the Anti-Scam Hotline at 1800-722-6688. Join the ‘Spot the Signs. Stop the Crimes’ campaign at www.scamalert.sg/fight by signing up as an advocate to receive up-to-date messages and share them with your family and friends. Together, we can help stop scams and prevent our loved ones from becoming the next victim.
Annex A
SINGAPORE POLICE FORCE
17 March 2022 @ 1:00 PM