Skip to main content



Authorities and telcos could have done more to prevent OCBC scam

I refer to the article "MAS considers action against OCBC for phishing scams".

I refer to the article "MAS considers action against OCBC for phishing scams".

To be fair to OCBC, the phishing scam is not entirely its fault alone. Many other parties, including the Monetary Authority of Singapore (MAS) itself, could have been more proactive and innovative in preventing scams but this was overlooked or neglected by all parties until a major occurrence in December 2021. 

In the current phishing scam, the scammers spoofed the OCBC sender identity (ID) to send SMSes to the victims.

In other places, such as Hong Kong and Qatar, it is already mandatory for an organisation to be registered before they can use an SMS ID header.

Here, MAS and the Infocomm Media Development Authority (IMDA) launched the Singapore SMS SenderID protection registry pilot scheme only in August last year as part of efforts to counter spoofing scams.

Why didn't IMDA or MAS make this compulsory years ago? This could easily have prevented the latest scam.

Scammers not related to OCBC would not have been able to send an SMS with an "OCBC" ID header if the right regulations were already in place.

As of now, anyone with enough IT knowledge can still send an SMS with fake ID headers to continue scamming vulnerable victims who can easily be tricked as such messages will appear in the same thread as genuine SMSes from the real organisation.

Also, many scammers originate from overseas and IMDA and the telcos should have acted earlier to warn Singaporeans of SMSes originating from overseas.

For example, IMDA could have instructed telcos to configure their systems to prefix every SMS originating from overseas with these two words "OVERSEAS SENDER" in caps.

This is akin to prefixing every overseas call with a "+65" to alert the public of a potential scam call.

It was also reported by some victims that the OCBC staff were slow in preventing the illegal transfers from being carried out whilst they were reporting them to the call centre or at the bank branches.

MAS and all banks should come up with a secure and fast system to allow a user to stop all banking functions on their accounts whilst they suspect a scam is going on.

We need the authorities, telcos and banks to think and act ahead of scammers and be more creative and innovative in their solutions to prevent future scams which could be even more sophisticated.

Victims who have lost money in such high-tech scams are not entirely at fault when the authorities, telcos and banks are not doing enough to prevent them.


Have views on this issue or a news topic you care about? Send your letter to voices [at] with your full name, address and phone number.

Related topics

OCBC scam phishing crime MAS OTP bank SMS

Read more of the latest in




Stay in the know. Anytime. Anywhere.

Subscribe to get daily news updates, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.