Is the text from OCBC really from OCBC?
Not to worry, as more measures will be enacted within the next fortnight to boost the security of digital banking.
Here are 10 facts about the new measures banks have to follow.
Why Now?
For those confused as to why scams are such a big deal now: it is all because of the recent OCBC phishing scam. At least 469 people have been scammed by SMSes pretending to be OCBC Bank since December 2021. A total of $8.5 million was also lost in December alone.
To know more about the scam, watch this to the end:
OCBC has since been under fire for their substandard response and customer support, and the Monetary Authority of Singapore (MAS) is considering taking action against OCBC’s negligence.
OCBC announced that they’ll be making goodwill payouts to scam victims. Recently, DBS has also started alerting customers of potential scam messages.
With a rise in the severity and number of phishing scams, here are some of the measures all banks will have to adopt by the next two weeks.
No More Clickable Links in SMSes or Emails
The recent OCBC scams involved scammers sending customers a link to a cloned version of OCBC’s website. Customers would then enter their digital banking information to resolve any “issues” with their account.
Now, banks will be required to eliminate any clickable links in SMSes or emails to customers. If you still receive any correspondence by banks with any links in it, you’ll know for sure that it’s a scam.
Default Limit of $100 or Lower for Funds Transfer Transaction Notifications
Many scam victims didn’t realise that their accounts were compromised… till they received notifications that tens of thousands of dollars were being transferred.
Needless to say, the victims must have gotten the shock of their lives.
Now, with a limit of $100 or lower, you’ll always know if there are any unauthorised transactions from your account even before your losses hit a hundred.
At Least 12-hour Delay Before Activation of New Soft Token on Mobile
Some scam victims have reported that the scammers activated their OneToken to increase their transaction limits. OneToken is OCBC’s digital authentication tool for e-transactions.
Learning from this lesson, all banks will have to implement a 12-hour delay before any activation of new soft tokens online. This ensures that the victim and the banks have enough time to verify the legitimacy of the activation request before the scammers drain their bank accounts.
Cool-Off Period Before Implementation of Important Account Changes
Many scammers also changed the victims’ account settings like their mobile numbers or emails registered with the bank. This allowed the scammers to have full control of the account.
Even though the victims received messages alerting them of these account changes, the immediate implementation meant that by the time victims could contact OCBC, the scammers already held full control.
There will now be a delay between the request for account changes and the actual changing of account details. This gives customers more time to take action against unauthorised changes.
More Frequent Scam Education Alerts
After the bank detected the scam in early December last year, it had issued multiple alerts and warnings to customers through various mediums. For instance, they sent SMS messages to all customers on 30 December last year and 4 January this year.
You might be seeing more of such messages and alerts soon, as all banks will be required to increase the frequency of their scam education alerts.
Join our Telegram channel for more entertaining and informative articles at https://t.me/goodyfeedsg or download the Goody Feed app here: https://goodyfeed.com/app/
Dedicated and Well-Resourced Customer Service Teams for Scams
One of the main complaints the scam victims had was that OCBC’s customer service hotlines were slow and unequipped to handle the scams.
This has been rectified, as every bank from now on will be required to have customer service teams dedicated to dealing with scams. Dealing with potential fraud cases will also be moved up on the banks’ priorities.
Adoption of SMS Sender ID Registry to Prevent Spoofing
Scammers can pretend to be OCBC by cloning a legitimate sender ID via SMS, also known as spoofing. This allows the scammer’s SMS to look like it is from the Bank, thus appearing in the same thread as the bank’s real SMSes.
However, spoofing may soon be a thing of the past.
Banks will now be registering their SMS sender IDs with the Infocomm Media Development Authority (IMDA). SMS messages from unauthorised usage of registered IDs will be blocked so that only official messages will appear in the same thread!
Fraud Surveillance Mechanisms To Be Strengthened
The MAS is doubling up its checks on major financial institutions’ fraud surveillance processes.
This can thus ensure that all institutions are prepared to deal with the rising threat of online scams.
Customer Vigilance Is Still The Most Important!
Despite the banks’ and authorities’ best efforts, sometimes scammers may still be able to slip through the cracks.
Customer vigilance is ultimately the most important tool of them all to combat scammers. Here are some guidelines to follow so that you don’t fall prey to a scam:
- Do your banking only at the banks’ official website or mobile apps. Key in the bank’s URL into your browser instead of clicking on links sent via SMS or email!
- Information like log-in details or one-time passwords should not be given to anyone, nor keyed into any unverified websites.
- Do not transfer money to strangers.
- IOS users can also download the ScamShield app, which is an app by the Singapore authorities that blocks scam messages and calls.
Hopefully, with enhanced measures in place, there will be fewer scam victims for the rest of 2022.
Read Also:
- DBS Warns of New SMS Phishing Scam That Claims That Your Account Is Suspended
- 10 Facts About the OCBC SMS Phishing Incident That Has Reportedly Wiped Out Some People’s Life Savings
- MAS Considering Taking Action Against OCBC For Phishing Scams
- OCBC Has Been Making Goodwill Payouts to Victims of OCBC SMS Phishing Scam
Featured Image: Kenishirotie / Shutterstock.com
Here’s a simplified summary of the South Korea martial law that even a 5-year-old would understand:
Read Also:
- Salon Allegedly Charged $880 Treatment Package to Elderly Who Has Hearing Difficulties
- Man Replaces M’sia-Registered Car With a S’pore Plate & Drives It Without a Driving Licence
- Confirmed: Allianz Withdraws Its Offer to Buy Income Insurance
- 10th Floor Resident Leaves Baby Stroller On Air Conditioner Compressor
- $400 Worth of Durians Delivered to Customer; Customer Allegedly Takes Durians Without Making Payment
- Woman Borrows Touch ‘N Go Card From S’pore Driver to Cross JB Checkpoint & Didn’t Return Card
Advertisements