Singapore — Communications and Information Minister Josephine Teo said that stepped-up efforts are being outlined to block scam websites in light of the recent series of phishing scams which saw nearly 800 customers from OCBC alone, losing a total of S$13.7 million.
Ms Teo was delivering her ministerial statement in Parliament on Tuesday (Feb 15), focusing on online phishing and spoofing scams.
She first highlighted that the OCBC scams were not the result of cyberattacks or weaknesses in cybersecurity.
She used an analogy, noting that the scammers did not use a special key to break into the banks’ premises or steal from the customers’ deposit boxes.
Instead, they stood in front of the bank and tricked customers into handing over their identity cards and keys. They then pretended to the bank teller that they were the real customers, accessed the deposit boxes and cleared them out quickly.
The OCBC scam was a classic case of deception, executed with speed and repeated at scale, she noted.
Scammers are taking advantage of Singapore’s communications infrastructure to reach even more potential victims faster, through SMS, phone calls and emails to phish for information and spoof legitimate organisations.
To combat phishing and spoofing by scammers, we should disrupt as many parts of their modus operandi as possible.
Upstream measures are needed to disrupt scammers’ reach to potential victims, on top of enhanced safeguards in the banking systems to prevent scams from succeeding, said Ms Teo.
Blocking scam websites
She explained that phishing scams usually start with luring potential victims to scam websites.
“This is why much of our upstream measures have focused on blocking scam websites,” said Ms Teo.
In 2020, we blocked about 500 suspected scam websites, increasing to 12,000 in 2021. “Countless more victims would have otherwise been scammed,” she added.
“In fact, we have the capacity to block many more suspicious websites,” she noted. However, this does not mean scam websites will cease to appear on the public’s screens as scammers react quickly and dynamically to such blocks.
Government agencies will also explore the use of artificial intelligence to identify and block scam websites quickly.
At the same time, the National Crime Prevention Council will start a WhatsApp channel in the third quarter of 2022 to crowdsource information on scam websites and messages from the public.
Telecommunication companies also plan to build additional analytics to block more suspected scam calls, with an estimated 55 million calls blocked a month, said Ms Teo.
Regarding SMS spoofing, Ms Teo said that the government would consider requiring all users of alphanumeric IDs to be registered, thus preventing scammers who aren’t registered from sending out such SMSes.
However, she added that these measures require time and come at a cost.
“Given the implications, IMDA (Infocomm Media Development Authority) will study the matter carefully before deciding whether or not to mandate the registration of all alphanumeric IDs,” she said.
“At the same time, organisations should rethink how they use SMS to communicate with their customers.”
Ms Teo said that SMS was never meant for secure communication, comparing it to the postal services, which “are generally safe, but we would not send very valuable items even using registered post.” /TISG