Development Bank of Singapore and the Singapore Police have issued a warning to the public that a specifically crafted phishing SMS message are spreading, providing users a link that will steal their username and passwords for their DBS online account.
Sample messages below:
DBS instructed their customers never fall for such scams, especially those messages that requires the customer to decide to act on something on a short notice. They instead instructed them to call the DBS hotline 1800-111-1111 or visit their official site for further instructions at www.dbs.com/security.
“Beware of phishing websites that may look genuine. Always type in the full URL of the bank (e.g. www.dbs.com.sg or www.posb.com.sg) into the address bar or use the official mobile banking application to ensure that you are using legitimate banking services. Do not disclose your Internet banking details such as account username, Personal Identification Number (PIN) or One-Time Password (OTP) to anyone through phone, e-mail or SMS – including bank staff or law enforcement officers,” explained the DBS representative.
It is still unknown how the phishers were able to collect the mobile numbers of their target victims, as DBS has not released the mobile numbers of their customers publicly. The bank has also warned their customers never share their online banking account user credentials to anybody, as it is considered for personal use only.
“Ignore or decline all requests by online acquaintances to use your bank account for transfer of money to purchase Bitcoins. If you suspect that you have received an unknown sum of money in your bank account, report it to the bank and the police immediately. If the unknown sum of money is still in your account, do not transact it in any way,” the DBS representative concluded.
The Singapore police is also on alert for cases of cyberfraud, especially illegal transactions which cause unauthorize account debits from an unsuspecting customer. Money Laundering activities are considered as high crimes in the city-state, with maximum jail time of 10 years and Sg$500,000 fine or both. Scamalert.sg is a website dedicated in helping Singaporeans in fighting phishing and other online scams that may be attempted against them.
Here in thethreatreport.com, we present to you our own safety tips to avoid becoming the next victim of phishing:
Do not answer suspicious email and instant messages.
Financial entities do not use email to address their customers. Therefore, do not give any credibility to emails that state that they come from banks, savings banks or financial entities in general. Delete them from your computer.
Do not click on these emails and instant messages.
Do not try to do any checking by clicking on the links or addresses they contain.
Always access your bank with the greatest security.
Review the banking movements of your account periodically and frequently. Access the official page of your bank from your computer, typing it in your browser.
Update your antivirus programs.
Always keep your antivirus program up to date and make sure it protects you from these types of fraud attempts. Remember that the most frequent system of fraud (phishing) is the impersonation of the website of the Bank or Savings Bank trying to confuse customers with sending mail for the purpose of the impersonation and the emails are becoming more sophisticated and prone to confusion.