Beware of scam e-mails about DBS or POSB digital tokens, say police and bank
Sign up now: Get ST's newsletters delivered to your inbox
In an advisory on March 27, the police and DBS Bank said there have been at least 72 cases in which at least $484,000 was lost since Jan 15.
ST PHOTO: GIN TAY
SINGAPORE – If you receive an e-mail asking you to activate or update your expired banking digital token through a clickable link, it could be a scam.
In an advisory on March 27, the police and DBS Bank said there have been at least 72 cases in which at least $484,000 was lost since Jan 15, after victims received e-mails claiming to be from DBS or POSB.
In the e-mails, victims would be told that that their digital token – an in-app authentication feature – has expired and that an activation or update would be required.
Via a link embedded in the e-mail, they would be directed to a phishing website resembling the DBS or POSB webpage.
They would then be misled into entering their banking credentials, credit or debit card details, or one-time passwords (OTPs).
Those targeted would later discover unauthorised activities or transactions in foreign currencies made in their banking accounts or cards.
The police reminded members of the public that banks in Singapore will never send clickable links via e-mails or SMSes.
Victims were told in e-mails that their digital token has expired and that an activation or update would be required.
PHOTOS: SINGAPORE POLICE FORCE
Digital tokens can be set up through only the official DBS or POSB digibank app and never through a clickable link, added the police.
DBS has taken measures in the face of evolving scam tactics.
The police said DBS has intensified its prevention efforts through co-created educational content with the police, targeted advisories on emerging scam variants, and ongoing public education on top scam typologies.
The bank also collaborates closely with the police to disrupt scam activities by surfacing phishing websites for takedowns, funds tracing and recovery, and timely case escalation, said the police.
It advised people to never disclose sensitive information such as their banking and credit or debit card credentials, and their OTPs to anyone.
Members of the public were also advised to add the ScamShield app to their mobile devices, and set up security features such as transaction limits for internet banking transactions and multifactor authentication for banks.
Those who suspect that their DBS or POSB banking or card details have been compromised should contact the bank’s fraud hotline on 1800-339-6963 or 6339-6963 immediately.
