The Police have observed an increasing trend of phishing scams where scammers would impersonate as bank staff and target victims through SMSes. Please note that banks will never send any SMS with clickable links. Members of the public should not click on links in SMS that are purportedly from banks.
In the latest variant, members of public would receive unsolicited SMSes with alpha tags such as “SG-DBS” or “DBS-Notice” claiming that their card had been blocked due to unusual activity, or that their bank account had been frozen because of suspicious activities. The SMS would direct victims to sign in via an embedded link to verify their identity. Upon clicking on the link in the SMS, the victim would be directed to a spoofed internet banking log-in page, where victims would be asked to key in their online banking username and password. After entering the spoofed website, the victims would be redirected to another spoofed webpage requesting them to key in the One-Time Passwords (OTPs) received on their mobile phones. Victims would realise that they had been scammed when they discovered unauthorised transactions made from their bank accounts.
DBS and the Police have collaborated on various anti-scam efforts. In the last month, over 600 customers have been protected from various scams typologies due to active surveillance and $173,000 of losses were successfully recovered. Yet, about 60 victims had each lost between SGD60 and SGD3000 due to the recent phishing scams. This could increase if accounts continue to be compromised.
DBS would like to assure that their bank systems remain secure. However, given the widespread nature of this current campaign, it may be necessary for DBS to take short-term measures that may lead to friction or delay to transactions in order to disrupt the scams and protect their customers. Members of the public should be prepared for such delays, and their understanding is appreciated.
The Police and DBS advise members of the public to be on heightened alert and to follow these crime prevention measures:
- Bank officers will never ask for your banking details or OTPs over the phone or via SMS;
- Do not click on dubious URL links provided in unsolicited text messages. Banks do not send SMSes containing links;
- Always verify the authenticity of claims of problems with your bank account or cards issued by the bank with the official bank website or sources;
- Never disclose your personal or Internet banking details and OTPs to anyone; and
- Report any fraudulent transactions to your bank immediately.
Customers who suspect they are a victim of a scam can call DBS’ dedicated fraud hotline at 1800-339-6963 (from Singapore) or (+65) 63396963 (from overseas) and speak to a DBS Customer Service Officer, or activate the Safety Switch to temporarily block access to their funds. DBS would assist those customers with necessary follow-up actions including replacing their cards and lodging the fraud report.
If you have any information relating to such crimes, please call the Police Hotline at 1800-255-0000, or submit it online at www.police.gov.sg/iwitness. If you require urgent Police assistance, please dial ‘999’.
For more information on scams, members of the public can visit www.scamalert.sg or call the Anti-Scam Hotline at 1800-722-6688. Join the ‘Spot the Signs. Stop the Crimes’ campaign at www.scamalert.sg/fight by signing up as an advocate to receive up-to-date messages and share them with your family and friends. Together, we can help stop scams and prevent our loved ones from becoming the next victim.
Annex A
Image of Phishing SMSes
Image of spoofed internet banking log in page
SINGAPORE POLICE FORCE
08 June 2022 @ 10:23 PM