Singapore Police Force (SPF) has stated that it received several reports of phishing emails where the victims were deceived into revealing their personal particulars and bank account details since 5 January 2017.
The Police said that in these cases, the victims would first receive an email purportedly from their bank informing them of a login made on their internet banking account.
To verify the login, the victims were asked to click on a link in the email which directed them to websites bearing resemblance to their respective banks’ websites. The victims were then asked to key in their personal details, internet banking credentials and One-Time Password (OTP) at these websites.
Subsequently, the victims would receive an SMS notifying them of fund transfers of several thousand dollars made to unknown payees.
The Police alerted members of the public to be wary of such phishing emails and to adopt the following preventive measures:
- No email service providers, banks, financial institutions, or companies would email their customers to reveal or verify their user account information, passwords and/or PIN over the Internet for security reasons. If users receive such emails, they ought to be careful and not respond by clicking on any URL link or opening any file attachments inside the email.
- When in doubt about the authenticity of any information in the ‘phishing’ email, customers should call the relevant service providers, banks, financial institutions or companies for verification. No one should ever release confidential information such as user account id, password, PIN and credit card details to anyone over email.
- Look for signs that you are using a legitimate or secure website. Legitimate websites are generally encrypted to protect your details and secure websites use ‘https:’ rather than ‘http:’ at the start of the internet address, or display a closed padlock or unbroken key icon at the bottom right corner of your browser window.
- Install anti-virus, anti-spyware/malware and firewall on your smartphone/computer and keep them updated.
- Report to your bank immediately if you notice any suspicious transactions.
