MAS warns of e-mails asking for bank account information, in wake of rising phishing attempts

The Monetary Authority of Singapore said consumers should "exercise utmost caution" when dealing with phishing e-mails.
The Monetary Authority of Singapore said consumers should "exercise utmost caution" when dealing with phishing e-mails.PHOTO: REUTERS

SINGAPORE - Be wary of e-mails asking for sensitive information related to bank accounts, the Monetary Authority of Singapore has warned consumers in a statement on Sunday (May 6).

The authority said consumers should "exercise utmost caution" when dealing with such e-mails, as it has seen a rise in the number of phishing attempts over the past week.

Phishing is a way of obtaining sensitive personal information such as one's banking account details, PIN, one-time passwords (OTP), credit card number, user ID or password through the Internet, in order to perform unauthorised banking transactions. 

These e-mails are purportedly from banks, asking consumers to update their personal particulars including information on their bank accounts, online banking user names and passwords, said MAS.

Some of these e-mails also claim that it is an MAS requirement for bank customers to do so.

  • Steps to protect against phishing

  • - Your bank will never send you e-mails asking you to divulge any confidential or personal information. 
    - Never reveal your PIN or OTP to anyone. No bank would ever ask for your PIN or OTP via e-mail or phone. 
    - Do not click on any link to log on to bank websites or open attachments in e-mails purportedly sent to you by your bank, credit card issuer or service provider. Instead, always enter the full URL or domain name into your address bar. 
    - Check your bank's website regularly for more information on announcements and advisories related to Internet security. 

    Source: Monetary Authority of Singapore

However, the MAS said: "Customers who receive such e-mails should not follow the instructions of the senders and should report them promptly to their banks."

The authority added that all financial institutions are expected to take action to protect their consumers, and promptly alert their customers of any phishing activity and remove phishing websites that target their customers.

Those who suspect that their user name, personal identification numbers or security tokens have been compromised, or if they identify any suspicious activities on their banking accounts, should contact their banks immediately, said MAS.

Consumers can refer to the MoneySense website, the Government's national financial education programme, for more tips to guard against phishing activities, MAS added.