Singapore — How does one tell the difference between a genuine message and a phishing attempt from a scammer hoping to empty your bank account? The problem only gets more knotty when elderly people are the targets.
There has been a sharp rise in cases of scammers sending out SMS messages to all and sundry, purporting to be from a bank and including links that could hack into banking information and passwords.
In December last year, OCBC Bank said it detected and initiated a takedown of 45 phishing websites, which is about eight times more than the average takedown requests every month.
The bank warned its clients to be vigilant of “SMSes containing a link to a fraudulent website disguised as a legitimate bank website requesting banking information and passwords”.
Between Dec 8 and 17, 26 OCBC customers lost a total of S$140,000 to scammers.
In the last two weeks of December, another 469 OCBC clients fell victim to the phishing scam, with at least one family so far going public about losing their life’s savings in five unauthorised overseas transactions.
Nothing succeeds like success. So it was no surprise that scammers were then revealed to be targeting Singapore’s largest bank, DBS Bank.
On Wednesday (Jan 19), DBS released an advisory on its Facebook page that scammers impersonating the bank were targeting clients via SMS phishing.
“Please do not click on any SMS with clickable links. DBS will never ask for your account details or OTP over the phone, email or SMS. Please be assured that we are actively taking down such phishing sites,” said DBS.
In response to the issue, more than a few concerned netizens highlighted that the push for digitalisation through e-tokens, internet banking and third-party payment platforms might pose problems for those who are less tech-savvy, such as elderly clients.
“How is an elderly member going to differentiate between a real DBS SMS sending them OTP and a scam phishing SMS that clearly states ‘DBS’ with a DBS link, when they can barely tell the difference between a MacBook and a laptop?” asked a Facebook user.
“If there is no means to identify the source of a message in SMS environment, why are banks even using them? It is unfair and there is no way for the general public, especially the uneducated or the elderly to clearly identify such differences. Not everyone is tech-savvy,” added another concerned individual.
Based on a comment made by a client on its advisory, DBS has turned off SMS alerts to clients since Wednesday evening, as part of tightened measures.
The sample SMS from DBS looked like the screenshot below:
One of the most forthright criticisms came from Mr Leslie Fong, former editor of The Straits Times, who expressed cogently what many people are thinking: “It is not enough to keep asking us taxpayers and customers to be vigilant. Be very careful, we are told. That’s it? Is that all they can do?”
Mr Fong said in a lengthy public post on Facebook on Wednesday that he wondered “whether MAS, the cybercrime sleuths in the police force, all the three major telcos, all the banks in Singapore and whichever relevant government outfit have set up a joint task force to tackle such crimes“.
He questions specifically what the banks and the telcos have done to block the scammers, and asks pointedly: “Have they even tried?”
He concludes: “If in the end, the combined might of all our agencies cannot do a damn thing, then maybe we should think twice before charging ahead with rapid digitalisation of banking and all types of services, which entails making citizens who are not tech savvy go cashless. Put in more safeguards, for goodness sake.” /TISG
Read related: Ho Ching shares story of OCBC scam victim, family lost their entire life’s savings
Ho Ching shares story of OCBC scam victim, family lost their entire life’s savings