Don't click: Police urge caution after bank impersonators scam 103 people of S$161,000

SINGAPORE: The Singapore Police Force (SPF) once again warned members of the public on Friday (Dec 29) about the resurgence of phishing scams involving the impersonation of banks through spoofed SMSes. 

At least 103 victims have fallen prey to the scams in December, with at least S$161,000 (US$122,000) lost, said the police. 

Victims of this scam variant would receive SMSes from "+65" numbers claiming to be from their bank, warning them of possible unauthorised attempts to access their accounts.

They are then urged to click on the embedded URL links to verify their identity and stop the transactions.

The URLs would direct them to fake bank websites, misleading them into providing their internet banking credentials and one-time passwords (OTPs), which the scammers would use to make unauthorised withdrawals. 

In some cases, victims would receive WhatsApp messages from scammers claiming to be bank officers. These criminals would impersonate bank security department officers and provide forged bank statements showing unauthorised transactions made in the victims' e-wallets. 

"Victims would only realise that they had been scammed when they discover unauthorised transactions in their bank accounts."

To guard against such scams, the police advised members of the public to set up security measures such as transaction limits for their internet banking transactions. They should also enable two-factor authentication or multifactor authentication for their bank accounts and e-wallets.

"Banks will never send you clickable links via SMS. Look out for tell-tale signs of a phishing website and never disclose your personal or banking credentials, including OTPs to anyone, even one claiming to be a bank officer," said the police. 

They should also report any fraudulent transactions to their bank immediately.