Phishing scams spike as more people rely on digital services

Did you receive an e-mail or text message from Netflix asking you to update your payment details? Do not click on it - it is most likely a phishing scam, as the streaming giant does not ask for credit card or bank account details via e-mails and text messages.

With more people turning to popular online services such as Netflix while they stay at home amid the Covid-19 pandemic, scammers have been targeting these users, leading to a spike in non-banking-related phishing scams this year.

Police told The Straits Times that 238 non-banking-related phishing scams were reported between January and June, a huge jump from the seven reported in the same period last year. There are likely to have been more of such scams since June.

In the first half of this year, the amount of money lost to such scams was about $268,000, which is 67 times the $4,000 lost during the same period last year.

Besides impersonating Netflix staff, scammers also sent phishing e-mails pretending to be from SingPost, StarHub and PayPal, as more people turn to digital options to do everything from remote work to shopping and entertainment.

Mr Stephan Neumeier, managing director for Asia-Pacific at cyber-security firm Kaspersky, told The Straits Times: "Cyber criminals are taking advantage of this seismic shift in digital habits to launch social engineering attacks such as phishing e-mails. By including hot topics and phrases related to their online activities like shopping and streaming entertainment in their messages, the chances of an unsuspecting user clicking infected links or malicious attachments increase tremendously."

Phishing scams work through convincing impersonations that trick victims into giving sensitive banking details and passwords.

A spokesman for the Cyber Security Agency of Singapore (CSA) advised members of the public to stay vigilant and be wary of e-mails or text messages that use "urgent language", such as threats of being logged out of their accounts if they do not update their account details or payment information promptly, or offers that may sound too good to be true.

Users should not respond to such requests or click on any unknown links, or provide their personal details, financial information or passwords, if they are unsure of the authenticity of the request, added the CSA.

E-mail or text messages that appear to be from online services such as Netflix asking for your payment details are most likely phishing scams, as the streaming giant does not ask for credit card or bank account details via e-mails and text messages. PHOTO: SINGAPORE POLICE FORCE

Last Friday, the police warned in an advisory that as year-end online shopping events approach, members of the public may be exposed to more phishing scams as fake online offers become more widespread.

A version of this article appeared in the print edition of The Straits Times on September 23, 2020, with the headline 'Phishing scams spike as more people rely on digital services'. Subscribe