SINGAPORE - A new variant of phishing scam using spoofed SMS messages to target bank customers has been making its rounds, contributing to 374 reported cases involving losses totalling about $1.07 million between January and May this year.
In a statement on Saturday (July 10), the police said victims of this latest scam variant would typically be informed there were payment attempts detected from their bank accounts. Such messages would then urge victims to click on the link provided in the same message if they did not make the transactions.
When victims click on the link, they would be led to a phishing website that resembles the official website of a bank, requesting for their personal particulars, internet banking details and One-Time Passwords (OTPs).
"As the scammers had spoofed the bank's SMS accounts, the scammers' message might appear in the same SMS conversation thread as a bona fide SMS message from the bank," said the police.
After providing the details, the victims subsequently realised they were scammed after receiving SMSes on money being transferred from their bank accounts, added the police.
The police also advised the public to adopt the following measures to prevent their bank accounts from being compromised:
• Do not click on URL links or call the numbers provided in unsolicited text messages;
• Always verify the authenticity of the information with the official website or sources;
• Never disclose personal or Internet banking details and OTP to anyone. Bank staff or government officials will never request for such login details and OTPs over the phone.
• Report any fraudulent credit or debit card charges to your bank and cancel the card immediately.
Members of the public that wish to provide any information related to such scams are also advised to call the police hotline at 1800-255-0000, or submit it online at this website.
For scam-related advice, they may also call the anti-scam helpline at 1800-722-6688 or go to this website.