Short Message Service (“SMS”) phishing campaign targeting a Bank’s customers.
In the SMS phishing campaign, fraudsters masking as the Bank by sending fraudulent SMS messages to some of the Bank’s customers using an alphanumeric sender ID1 (“alpha tag”). The spoofed SMS alpha tag causes the victims’ mobile phones to place both phishing and legitimate SMS messages from the Bank in the same SMS conversation thread. This accords perceived legitimacy to the phishing SMS messages and increases the likelihood of victims being tricked into accessing the malicious link.
When the victim clicks on the link, he/she will be directed to a fraudulent website requesting for user credentials (i.e., username, password, One-Time Password). With these stolen credentials, the fraudster could conduct fraudulent activities such as setting up of soft token on the fraudster’s mobile devices. Once the soft token is set up, the fraudster will proceed with the adding of new payees and performing unauthorised fund transfers.
Six signs how to spot phishing instead of falling for them:
1) Mismatched and misleading information
2) Use of urgent or threatening language
3) Promises of attractive rewards
4) Requests for confidential information
5) Unexpected emails
6) Suspicious attachments
By keeping these six signs in mind and remaining vigilant at all times, you can avoid falling for phishing scams. Refer to more tips of protection at https://www.csa.gov.sg/gosafeonline/go-safe-for-me/homeinternetusers/spot-signs-of-phishing and https://www.moneysense.gov.sg/articles/2018/11/phishing-scam
If you have any doubt or want to report any suspicious/phishing email/call/transactions, call us immediately at 8001012553 (If you are calling from Singapore) or (65) 67239009 (If you are calling from outside Singapore), 7 days a week, 0800 - 1800 hrs or email email@example.com.