Scammers Are Now Sending Fake SMSes About Fake Bank Withdrawals

The Latest Scam in Singapore: Fraudulent SMS Messages Targeting Bank Withdrawals

It’s astonishing how scammers continually concoct new schemes to relentlessly siphon money off innocent people.

Singapore Police Force (SPF) has issued yet another warning concerning a new scam variant on 29 December. This time, the scam revolves around counterfeit SMS messages falsely alerting recipients about bank withdrawals that never occurred.

In December alone, 103 people became victims of this insidious ploy, collectively losing approximately S$161,000.

Victims Receive Messages from “+65” Numbers

The deceit begins with victims receiving SMS messages from numbers that appear to be local, bearing the “+65” prefix.

The fraudulent messages are designed to resemble messages from banks, stating that unauthorised cash withdrawals have been attempted from their accounts.

Source: police.gov.sg

This actually looks pretty realistic, which is worrying to say the least.

The messages provide a link that allows victims to halt the supposed unauthorised transaction. However, once an unsuspecting victim clicks on this seemingly legitimate URL, they are swiftly redirected to counterfeit bank websites.

The victims would be prompted to enter their internet banking credentials and one-time passwords (OTPs).

Unbeknownst to the victims, the scammers would gain access of their accounts and use it to make unauthorised withdrawals.

The victims would not realise that they had been scammed until they find the unauthorised transactions in their accounts.

The plot doesn’t stop at fake SMS messages; some scam cases have also surfaced on WhatsApp. Scammers, adopting the guise of bank officers, provide counterfeit bank statements that depict unauthorised transactions. The realistic appearance would make it challenging for victims to discern the scam.

Police Advisory Against Scams

The police advised the public to implement security measures such as enabling the two-factor or multifactor authentication for bank accounts and e-wallets. These additional layers of protection offer enhanced security for users engaged in online and mobile banking activities.

Additionally, individuals can establish transaction limits for internet banking transactions, providing an extra layer of security against potential breaches.

Furthermore, the police emphasised that banks do not send clickable links via SMS and issued a stern warning against divulging personal or banking credentials to anyone, particularly those claiming to be bank officers.

If you discover any unauthorised transactions in your account, report it to your bank immediately.

How to Detect Phishing Scams

Despite the escalating ingenuity and realism of these scams, there are still ways to spot phishing attempts.

Some telltale signs that a website is fraudulent include misspelled URLs.

Moreover, scammers often employ a “spoofing” tactic to integrate their fraudulent messages into the same thread of messages from legitimate organisations.

Do exercise vigilance and remember that if you were to receive a message with links from a “bank”, it is most likely a scam.