Police warn of fake DBS Bank and SIA websites phishing for personal details
SINGAPORE – Several victims have reported being cheated into providing personal information and credit card details on phishing websites purporting to be DBS Bank or Singapore Airlines (SIA), the Police said in a press release on Wednesday (Dec 20).
SINGAPORE – Several victims have reported being cheated into providing personal information and credit card details on phishing websites purporting to be DBS Bank or Singapore Airlines (SIA), the Police said in a press release on Wednesday (Dec 20).
According to the Police, the victims only realised the websites were fake and they had been scammed when they realised unauthorised transactions made in foreign currencies were charged to their credit cards.
Phishing websites are websites that attempt to steal an individual’s account password or other confidential information by making the user believe that it is a legitimate website.
In some cases, the victims received an email from “DBS Bank” informing them that their ibanking accounts had been locked after multiple failed login attempts.
In other instances, the victims received emails from “Singapore Airlines” requesting them to participate in a customer satisfaction survey with the promise of a “reward”.
Victims were asked to click on a link in the email and follow instructions to unlock their accounts or complete the survey. They were then be directed to a website resembling a genuine website of the company and asked to enter their personal information and bank account details such as their credit card number and card verification value for verification purposes.
The victims also received a One-Time Password (OTP) on their mobile phones which they were prompted to key into the website.
Subsequently, they received SMS notifications of foreign transactions made on their credit cards.
Police did not reveal the number of cases that have been reported so far.
When contacted, a DBS spokesman said the bank is aware of the phishing sites. “We actively alert our customers to any unusual internet banking login experience that may be caused by phishing or malware intrusions via our website http://www.dbs.com.sg/security,” he said.
The bank added that if customers detect any “unusual activity”, they should inform the bank promptly, so that they are able to take the necessary action to protect them from incurring any loss.
“Customers are reminded never to give out their userID, iBanking pin or OTP over the phone or via email and DBS staff will never ask for such information,” the spokesman said.
Meanwhile, SIA said in a Facebook post that customers should exercise discretion when revealing personal data or credit card details online to unverified sources and should verify such emails and phone calls if they have any doubts and lodge a police report.
The Police also stressed that the public should take preventive measures such as being wary when they are asked to disclose personal information and bank account details over the Internet.
Individuals should also be aware of phishing websites that may look genuine.
“Look for signs that you are using a legitimate or secure website,” said the police. “These websites are generally encrypted to protect your details.”