BRANDED CONTENT

Here are some measures you should take for more secure digital banking

As Chinese New Year approaches, police warn of increase in e-commerce scams

To fight malware-enabled scams, banks in Singapore have introduced multiple measures to safeguard customers. PHOTO: GETTY IMAGES
Kareyst Lin, Content STudio
Updated
Jan 21, 2024, 04:00 AM
Published
Jan 21, 2024, 04:00 AM

Concerned about the rising incidents of malware scams early last year, Ms Jasmine Chye acted swiftly.

The 35-year-old digital marketing manager transferred 30 per cent of the money from her three bank accounts into investment platforms.

Each of her bank accounts serves a different function: One for crediting salary, another for bill payments, and the third for miscellaneous savings. She left three months’ worth of salary in these accounts for emergencies.

The funds transferred were her way of locking her money, which were spread across robo-adviser Autowealth and online trading platform Poems.

Ms Chye admits that the move was not a strategic one, as all investments carry some level of risk and do not guarantee full returns. “In my savings accounts, I was earning decent interest each month.”

But she felt it was necessary.

Why? The Android user explains that all her bank accounts can be accessed via her mobile phone. Malware scams typically target devices running on the Android operating system.

Beware of investment scams

In the first half of 2023, there were over 750 reported cases of scam victims downloading malware onto their phones, according to figures from the Singapore Police Force (SPF).

Victims mostly responded to advertisements for services or products on social media platforms such as Facebook and Instagram.

Under the pretext of payment, scammers would send the victims a URL link over the messaging platform WhatsApp, which leads them to download an Android application that contains malware.

After the victims have downloaded the file to their smartphone, scammers would be able to obtain the victims’ internet banking credentials and credit card details.

Ms Chye says she came across the “tip” on a social media post about malware-enabled scams. A commenter suggested that transferring funds from bank accounts to investment platforms as a precautionary measure.

While Ms Chye’s investment platforms can be accessed via mobile apps, the withdrawal process makes it hard for scammers to get the money.

She explains: “An account manager from the platform will make a phone call to confirm the withdrawal before it is approved, and it takes up to three working days for the money to be disbursed.”

Malware scams on the rise

Protect your pocket

To fight malware-enabled scams, banks in Singapore have introduced multiple measures to safeguard customers.

The rationale behind Ms Chye’s actions is similar to the “money lock” feature rolled out by DBS, OCBC and UOB last November.

It allows customers to block part of their savings in a bank account from digital transactions. Once locked in, the money cannot be transferred through digital means, making it harder for fraudsters to drain money out of a bank account they have taken control of.

Unlike the investment platforms that Ms Chye used, funds secured using the money lock feature can only be withdrawn or transferred in-person at an ATM or at a branch, depending on the bank.

To date, the feature has been activated on around 38,000 accounts, with over $3.2 billion locked up, says Ms Ong-Ang Ai Boon, director of the Association of Banks in Singapore (ABS).

“While the ‘money lock’ approach taken by banks varies, they share a similar objective of protecting customers from scams by adding a layer of safeguard should their digital access to bank accounts be compromised.”

Other anti-scam measures introduced by the Monetary Authority of Singapore (MAS) and the ABS include:

  • An anti-malware measure on banking apps that can detect the presence of malware on customers’ devices and trigger additional actions, such as blocking access to the banking app
  • An emergency self-service “kill switch” that lets customers immediately suspend online and mobile access to bank accounts they suspect to have been compromised
  • Removal of clickable links in SMSes or emails sent by banks to customers
  • Default threshold of $100 or lower for funds transfer transaction notifications
  • A delay of at least 12 hours to activate a new soft token on a mobile device

“The techniques employed by scammers are constantly evolving, in terms of variety and sophistication,” says a MAS spokesman.

This means no single measure is foolproof, and safeguarding the public requires “a combination of measures in prevention, detection, response and recovery”. Banks will also have to constantly review and recalibrate these measures, the MAS spokesman adds.

Festive frauds

With Chinese New Year around the corner, the police warn of an anticipated surge in e-commerce scams coinciding with the traditional rise in shopping for festive items and short vacations.

Police Superintendent Matthew Choo, assistant director of the Scam Public Education Office, SPF, notes that e-commerce scams come in various forms.

These include “the simple ‘payment but no goods received’, and phishing for your bank and credit card details leading to unauthorised transactions, to malware-enabled scams”, where there could be more losses.

To protect against scams, the public should take a variety of precautions, says Police Superintendent Choo.

This is part of a series titled "Act against scams", in partnership with the Singapore Police Force.

Join ST's WhatsApp Channel and get the latest news and must-reads.

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top