Anti-SMS spoofing: What it is and why there is no mandate for it yet in Singapore

The SMS sender name "OCBC" was spoofed by scammers, who lured victims to click on fraudulent links to access a fake banking website. PHOTO: ST FILE
Gift this subscriber-only story to your friends and family

SINGAPORE - Victims of a massive bank scam rampant last month were fooled because fake SMS messages appeared in the same SMS thread as genuine ones sent previously by the bank for one-time passwords (OTPs) and transaction alerts.

It turns out the SMS sender name "OCBC" was spoofed by scammers, who lured victims to click on fraudulent links to access a fake banking website. Nearly 470 customers lost at least $8.5 million, making it one of the largest scams to date involving a single bank.

Already a subscriber? 

Read the full story and more at $9.90/month

Get exclusive reports and insights with more than 500 subscriber-only articles every month

Unlock these benefits

  • All subscriber-only content on ST app and straitstimes.com

  • Easy access any time via ST app on 1 mobile device

  • E-paper with 2-week archive so you won't miss out on content that matters to you

Join ST's Telegram channel and get the latest breaking news delivered to you.