In case you haven’t heard, bank phishing attempts are on the rise for the past week.
MAS said on Saturday, 5 May, that they’ve observed an increase in the number of attempts over the past week.
Here are 7 facts about bank phishing you need to know. To be safe and all, y’know.
1. What exactly is bank phishing?
Okay, imagine you’re a DBS account holder with ibanking. One day, you receive an email from DBS asking you to update your particulars.
Or to input your details for any other reason.
And the email looks like a super legit one, with the logo and (sometimes) proper English.
Our eyes have been conditioned (after years of reading emails) to ignore email addresses and just look at the words in black. Well, the thing is, if you look carefully, the email address and link look legit as well.
So what happens next?
You click on the link, input your details and BAM. You’ve officially been phished.
Good luck to you.
2. It can actually be prevented if you’re diligent
Every phishing attempt has small telltale signs that something isn’t right.
It could be the email address because scammers (most probably) wouldn’t be able to create an email account with the official DBS email address.
It could be the URL of the site you are brought into.
These are signs that phishers are not able to get right, no matter what.
All that’s needed to do to thwart them, is to stay diligent and pay attention.
Something that, unfortunately, many of us fail to do because we value convenience and trust the visual cues too much.
3. POSB is Getting Attacked by Hackers, Update Your Details To Be Protected
MAS came into the picture after DBS bank told customers that a new phishing attempt has come to their attention on 3 May.
If you’re a POSB account holder, you might’ve received this email.
The email claimed that Singapore banks are under attack by hackers, causing some customers to lose their money.
It went on to say that the Monetary Authority of Singapore (MAS) has made a new law requiring all customers to update their details.
A link was provided for the customer to input their bank details in.
It ends off with a threat saying that if you don’t comply with the instructions, your account could be deactivated.
So serious?!
4. But if you slow down and think, you’ll notice something wrong
First thing first, the sender’s address and the URL of the link.
It’s a little tricky because on the surface, the email and link look legit. You see, the real link is masked by a URL that looks like original URL.
Here, try this: www.baddyfeed.com doesn’t bring you to a hater who hates us so much that he or she created the URL: it leads to our link that asks you to download our app (but seriously, download it lah, got many app-exclusive contents).
But even within the text of the email itself, there’s a couple of warning signs.
Number one, Singapore banks under attack by hackers, money stolen.
Then, isn’t it strange that it’s not in the papers? I mean, we’re talking about the death of an otter dad on the news, for goodness sake.
There should be space for something as serious as Singapore Banks getting attacked by hackers, and they’ve successfully stolen some money.
Number two, MAS enacted a new law requiring all users to update their details
Again, I repeat my point that something as big as this will definitely get on the papers. In fact, it’ll be on Facebook, STOMP, Goody Feed and everywhere else.
So if it isn’t? That should tell you something isn’t right.
And a law telling everyone to update their personal particulars?
Thankfully, there was nobody who got phished in this attempt.
5. Banks are responsible for protecting their consumers from phishing attempts
Together with their advisory for the public regarding phishing attempts, they added that banks are also expected to take care of their consumers.
If there are any phishing attempts carried out against the bank’s customers, they have to put out advisories and inform their consumers about what is going on.
They are also responsible for taking down phishing websites that target sensitive information of customers.
You must contact your bank if you suspect that your account has been compromised, or you spotted suspicious transactions.
DBS announced that they’ve removed the phishing website on Thursday. The spokesperson added that they’ve been actively taking down phishing websites constantly.
Call them at their hotlines, 1800 111 1111 for personal banking or 1800 222 2200 for business banking.
6. This is the Seventh Time DBS Customers Are Facing Phishing Attempts in 2018 (and it’s only May)
Attempts to cheat the customers are nothing new to the bank. In 2018 alone, DBS has experienced 7 such attempts before the latest phishing scam.
23 Jan 2018
Emails possibly containing malware are sent to DBS customers as “Payment on behalf of a customer”.
Once they’ve clicked into any of the links, the malware will be installed on your device. And it will proceed to steal passwords, other information and virtual currencies.
27 Jan 2018
A phishing website mimicking DBS’s ibanking login page was discovered. Customers who clicked on phishing emails will be directed to this page where they’ll input their ibanking details.
3 Mar 2018 (First posted on 12 Dec 2017)
DBS shared about new phishing emails targeting DBS cardholders. The email will bring customers to phishing websites designed to steal your credit card information.
8 Mar 2018
DBS customers received emails telling them about a ‘login format change’ and asked for their details.
Once they click on the link provided by the email, they’re directed to a phishing site asking for iBanking login ID, password, credit card and other personal information.
23 Mar 2018
Customers are told that their accounts are put on hold while they verify their information.
2 Apr 2018
DBS customers receive an automated call that tells them that their account is disabled. They’ll have to follow the instructions on the line to be connected to an operator.
The operator will then find out the customer’s detail about his logins, PINs, OTPs or credit card details or to conduct advance fee fraud.
30 Apr 2018
DBS customers received an email asking them to participate in an online survey for rewards.
They bring people into malicious pages where they can steal your personally identifiable data, username-password combinations ,OTPs or infect your device.
7. Sensitive information will never be asked for over the phone or email
Now, before we end things here, remember this point.
Any legit company will tell you that, for security purposes, no personal or security detail will be asked for over the phone or through email.
In the recent DBS phishing case, the spokesperson said that customers must not give out their userID, iBanking PIN or OTP over the phone or email. And their staff knows not to ask for it as well.
I know I’m repeating myself but this is important. It’s super important that you check the URL of the website you’re brought to before putting in any important information.
Even better, don’t use the link provided by the email. Input the URL manually (or from your bookmarked websites) in your default browser instead.
Stay safe, people!
It’s already very sad that we’re earning barely enough to survive in Singapore. Let’s not get our hard earned money cheated by scammers, okay?
There’s a very fake news about Robert Downey Jr. and surprisingly, it is still gaining traction online.
Read about this topic in our app now (this is an app-exclusive content so you can’t read it on our website or Facebook)! Here’s how our app looks like:
Plus there are many other app exclusive contents, too; download the free app now!
Over in TikTok, there’s a drama involving property agents that’s caused by us. Here’s what happened:
Read Also:
- A Yishun “Landlord” Who’s Not a Landlord Took $1,000 Deposit & Allegedly Banished a Knife When Prospect Requested Deposit Back
- Taxi Slams into Woman Who Jaywalks While Looking at Her Phone at Orchard Road
- Woman Took an Empty Bowl in a Noodles Stall Without Permission, Leading to a Shouting Match
- 3 Shops In Singapore To Custom-Make Affordable Charm Bracelets & Necklaces
- Soon, Your Bank Accounts Could be Restricted If You’re a Potential Scam Victim
- Man Manages To Forge Over 460 Grab Receipts to Claim Over $16,400 From His Company
Advertisements
