Reports of unauthorised online banking and card transactions in Singapore jump 460% in 2020

Many victims have been tricked by crooks into revealing their user IDs, passwords, OTPs or credit card details.
Many victims have been tricked by crooks into revealing their user IDs, passwords, OTPs or credit card details.PHOTO: ST FILE

SINGAPORE - The number of unauthorised online banking and card transactions jumped sharply last year amid the Covid-19 pandemic.

There were 1,848 police reports of such transactions involving criminals phishing for banking and card details from victims - up 462 per cent from 2019's 329 cases.

There were just 114 incidents in 2018, said Transport Minister Ong Ye Kung, who is a Monetary Authority of Singapore (MAS) board member, on Tuesday (Feb 16).

He was speaking in Parliament on behalf of Senior Minister Tharman Shanmugaratnam, who is Minister-in-charge of the MAS.

The update comes after the police said earlier this month that the number of scams reported last year also hit a high, climbing 65.1 per cent from 2019, with fraudsters swiping around $201 million from victims.

E-commerce scams, the most commonly reported type of scams last year, jumped 19.1 per cent from 2019 to 3,354 reported cases, partly due to the increase in online transactions amid the pandemic.

While banks must implement controls such as multi-factor authentication using one-time passwords (OTPs) to keep online transactions secure, these measures cannot eliminate all scams.

Many victims have been tricked by crooks into revealing their user IDs, passwords, OTPs or credit card details, said Mr Ong.

Financial institutions will never ask customers for their log-in information, like OTPs.

Mr Ong noted that some account holders have recently reported that online transactions have been made through their accounts even though they did not receive any SMS OTPs or did not reveal OTPs to other people.

The police and banks are investigating these cases.

"As a precaution, the banks have put in place additional measures, such as rejecting card payments made to some commonly disputed merchants, or placing limits on the transaction amounts that customers can transact with such merchants," said Mr Ong.

A person who suspects an unauthorised online transaction should make a police report and contact the bank immediately. The customer will not bear any financial loss even if the unauthorised transaction was due to lapses by the bank or non-compliance with MAS rules.

But this is provided the customer has "practised proper cyber hygiene and has not been negligent", said Mr Ong, whose remarks came in response to a parliamentary question on unauthorised online bank transactions by Dr Tan Wu Meng (Jurong GRC).

"It is very important that consumers treat their online banking log-in information, including OTPs, as they would their ATM PINs."