SMS on termination of ElderShield policies legitimate: CPF Board

An SMS message sent to Central Provident Fund (CPF) members on Friday informing them that their ElderShield insurance policies have been terminated is legitimate, said the CPF Board.

The message is meant to notify CPF members that they are enrolled in CareShield Life, and that their ElderShield policies have been terminated, said the board in response to queries.

The SMS message, which contained a clickable link to the CareShield Life website, had caused some concern among those who received it. Netizens wondered if it was a scam.

Facebook user Philip Leong, in a comment on the CPF Board Facebook page, said: "I do not know if I received a scam SMS from CPF... Tried to call the help desk immediately but was put on hold for 10 minutes."

He added that he had clicked the link in the SMS message and signed in using Singpass, but the website crashed.

The CPF Board said the CareShield Life website was down for some time on Friday as too many people were trying to access it at the same time. The issue has since been resolved, said a spokesman for the board.

CPF members can check if the website domain listed in SMS messages sent by the CPF Board ends with ".gov.sg" to determine whether the link genuinely leads to a government website.

Launched on Oct 1, 2020, CareShield Life is the national disability insurance that provides monthly payouts for as long as a person is unable to do at least three of the six activities of daily living: bathing, dressing, eating, moving from bed to chair, going to the toilet, and moving around.

It is the successor to the ElderShield 300 and 400 policies, which no longer accept new applications, and is compulsory for all Singaporeans and permanent residents born in or after 1980, from the time they turn 30 years old.

Those born between 1970 and 1979 and are insured under ElderShield 400 and not severely disabled were automatically enrolled from Dec 1 last year.

SMS messages with clickable links have come under scrutiny due to an ongoing scourge of phishing scams that trick people into entering their credentials or personal information into fake websites that are made to look real.

After 790 customers of OCBC Bank lost a total of about $13.7 million in SMS scams in December, the Monetary Authority of Singapore mandated that banks here remove clickable links in their e-mails or SMS messages to customers.

Government agencies can use SMSes and clickable links in their communications, but the Smart Nation and Digital Government Group (SNDGG) said in January that it was reviewing this practice.

Government agencies must send only links that end with ".gov.sg" to help members of the public easily identify them as trusted links.

SNDGG said it will ensure all agencies adhere to this rule, and ramp up efforts to raise public awareness of how to verify valid government links before clicking on them.

It added that SMS communications have enabled access to citizens who do not own smartphones or use mobile apps, so removing clickable links for low-risk transactions could reduce people's ability to access services.