Police, DBS Bank warn of phishing scams using bank's name

Image of phishing SMSes using DBS Bank's names. (PHOTO: Singapore Police Force)
Image of phishing SMSes using DBS Bank's names. (PHOTO: Singapore Police Force)

SINGAPORE — The Singapore police and DBS Bank have warned the public on a recent spate of phishing scams which use the bank's name to trick victims into keying in their online banking usernames and passwords.

In a joint media statement on Wednesday (8 June), they said that in this latest variant of phishing scams, the public would receive unsolicited SMSes with alpha tags such as “SG-DBS” or “DBS-Notice”.

These text messages would claim that the victims' credit cards had been blocked due to unusual activity, or that their bank accounts had been frozen because of suspicious activities.

The SMSes would direct victims to sign in via an embedded link to verify their identity. Upon clicking on the link in the SMS, the victim would be directed to a spoofed internet banking log-in page, where victims would be asked to key in their online banking username and password.

After entering the spoofed website, the victims would be redirected to another spoofed webpage requesting them to key in the One-Time Passwords (OTPs) received on their mobile phones. Victims would realise that they had been scammed when they discovered unauthorised transactions made from their bank accounts.

"The Police have observed an increasing trend of phishing scams where scammers would impersonate as bank staff and target victims through SMSes," the joint media statement said.

"Please note that banks will never send any SMS with clickable links. Members of the public should not click on links in SMS that are purportedly from banks."

DBS Bank to take short-term measures to disrupt scams

DBS said in the media statement that, in the past month, over 600 customers have been protected from various scams typologies due to active surveillance and $173,000 of losses were successfully recovered.

Nonetheless, about 60 victims had each lost between $60 and $3,000 due to the recent phishing scams.

DBS said that, while its bank systems remain secure, it may be necessary given the widespread nature of the current scams for the bank to take short-term measures that may lead to friction or delay to transactions in order to disrupt the scams and protect its customers.

The police and DBS have advised the public to be on heightened alert and to follow these crime prevention measures:

  • Bank officers will never ask for banking details or OTPs over the phone or via SMS;

  • Do not click on dubious URL links provided in unsolicited text messages. Banks do not send SMSes containing links;

  • Always verify the authenticity of claims of problems with bank account or cards issued by the bank with the official bank website or sources;

  • Never disclose personal or Internet banking details and OTPs to anyone;

  • Report any fraudulent transactions to the bank immediately.

Customers who suspect they are a victim of a scam can call DBS’ dedicated fraud hotline at 1800-339-6963 (from Singapore) or +65-63396963 (from overseas) and speak to a DBS customer service officer. They can also activate the Safety Switch to temporarily block access to their funds.

Should the public have any information relating to such crimes, they can call the police hotline at 1800-255-0000, or submit it online. For more information on scams, visit www.scamalert.sg or call the Anti-Scam Hotline at 1800-722-6688.

Stay in the know on-the-go: Join Yahoo Singapore's Telegram channel at http://t.me/YahooSingapore