Security Alerts & News

Customer Advisory on SingHealth data breach


Date: 31 July 2018

 

Description: SingHealth has reported a data breach affecting more than 1.5 million SingHealth patients. Patient data stolen included personally identifiable information such as name, NRIC number, address, gender, race and date of birth.

 

Customers are advised to be alert. Stolen credentials may be used to conduct social engineering and phishing scams. Such scams utilize personally identifiable information to appear legitimate.

 

How can you protect yourself from this?

  1. Be alert. Do not provide personal or bank information to unsolicited callers.
  2. Never give out any sensitive personal information (including login passwords or one-time passwords) over the phone or via email. Our staff will never ask you for such information.
  3. Hang up and call ICICI Bank directly if you are in any doubt about the validity of a call, SMS or email. Call us at 8001012553 (8 am to 6 pm) if you receive such calls.

 

Crime Advisory – Scams Involving Takeover Of WhatsApp Accounts


Date: 18 April 2018

 

The Singapore Police have received reports of WhatsApp accounts being taken over by scammers. Victims first receive a WhatsApp message from one of their contacts, whose WhatsApp account might have been compromised, asking them to send over the WhatsApp account verification codes that they have received via SMS. The victims subsequently lose access to their WhatsApp accounts once the verification codes are sent to the scammers.

 

In a variant of the scam reported overseas, the scammers used the compromised accounts to deceive the account holders’ contacts into purchasing gift cards and sending over the password for the cards. The scammers then sold the gift cards online.

 

Members of the public are advised to adopt the following crime prevention measures:

  1. Beware of unusual requests received over WhatsApp, even if they were sent by your WhatsApp contacts;
  2. Always call your friend personally to verify the authenticity of the request if in doubt;
  3. Protect your WhatsApp account by enabling the ‘Two-step Verification’ feature, which is available under ‘account’ in the ‘settings’ tab of your WhatsApp application. This would prevent others from compromising your WhatsApp account. 

 

 

Anyone with more information on such scams can call the Police hotline at 1800-255-0000, or dial ‘999’ for urgent Police assistance in Singapore. 

 

To seek scam-related advice, members of the public may call the Singapore National Crime Prevention Council’s anti-scam helpline at 1800-722-6688 or visit www.scamalert.sg.

ICICI Bank Malicious Email Alert


Date: 7 July 2016

 

Threat Type: Malware/Phishing

 

Description: There is a malicious email campaign targeting customers of the Bank. The email(s) may come from fake email account(s) and carry an attachment containing a variant of banking malware that exploits macros in Microsoft Office to infect the computer. If you (as the recipient of such an email) click and open the document/attachment, a macro embedded in it surreptitiously triggers a download of the banking malware, enabling it to first steal banking credentials (like User ID, PIN, Secure PIN, SMS OTP and so on) and then initiate financial transactions on your behalf.

 

Who might be at risk?
Internet banking users.

 

How can you protect yourself from this?

  1. Be alert. Do not download or open attachments found in suspicious emails and do not reply to the sender either.
  2. Protect your computer by using anti-virus and anti-spyware software that is set to perform automatic updates daily.
  3. Do not reveal or provide your Internet banking username, password or token PIN to anyone.

 

 

Please inform our customer centre at 8001012553 or +65 67239009 (when calling from overseas) immediately if you notice unknown transactions appearing on your account. Customers are also encouraged to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, customers are advised to turn them on.

Phishing Alert


Phishing is a way of obtaining sensitive personal information such as account details, PIN and password through the internet. Anyone with these details can perform unauthorized transactions on your account.

 

Of late, there has been an increase in phishing attempts on customers of Financial Institutions (FIs) via SMS and emails. Such scam SMSes/emails are common, are often convincing and appear to come from legitimate senders. These messages entice their targets to click on links or attachments. When the user clicks on the links or attachments, he/she is directed to a fraudulent website requesting personal information such as credit card numbers or user credentials (e.g., user account, PIN, One-Time-Password). With these stolen credentials, fraudsters then attempt to access the user’s online accounts to perform unauthorised transactions, which, in turn, facilitate theft or fraud.

 

Beware of Bogus Emails or SMS
Phishing SMS and emails would appear to be sent by ICICI Singapore, asking you to click on a link to verify your account, receive an incoming payment or prevent deactivation of your account. When you click through, you are brought to the fraudulent website. Please note that ICICI Singapore does not reach out to clients to request passwords and login details over phone calls, SMS or emails. Please DO NOT click on the links in such SMS or emails.

How can you protect yourself from phishing?

  1. Be alert and always verify the details in SMS or emails from ICICI Singapore and do not authorize any suspicious transactions.
  2. Always type in the URL of our website directly into the address bar of your browser.
  3. Do not reveal any personal or banking details.
  4. Never reply to unsolicited SMSs or emails or act on phone calls from unknown sources.
  5. Avoid online banking in public areas such as cyber-cafes.
  6. Log off each time you complete online banking activities.
  7. Select passwords that are difficult to guess. Change them often.
  8. Always check the authenticity of the software before downloading.
  9. Call us immediately at 8001012553 (if you are calling from Singapore) or (65) 67239009 (if you are calling from outside Singapore), 7 days a week, 0800 - 1800 hrs, or email sg.service@icicibank.com if you notice unknown transactions appearing in your account.
  10. Customers are also encouraged to install a firewall, anti-virus and anti-spyware software on their computers and to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, you are advised to turn them on.
  11. Please refer to our Safe Banking link at http://www.icicibank.com.sg/safe-banking/index.page? for more information on safety tips and measures.

Business Email Compromise


Cyber-attacks on corporates have increased steadily in recent years. With criminals constantly devising new ways to steal information and money, one of the newest emerging threats is Business Email Compromise, also known as CEO or Chairman Fraud. The most frequent targets of this scam, small and medium-sized businesses, can lose huge sums because of one email.

 

The fraudsters usually employ social engineering techniques and other cyberattacks, such as installing malware, to compromise and infiltrate the company’s systems and endpoint devices. After gaining access to the email account of a senior executive or the CEO, the fraudster studies his/her day-to-day activities and interactions. Next, the fraudster uses the compromised email account or a “look-alike” email account to send an email that tricks the company’s employee, customer or business partner into making a payment to rogue accounts or purchasing a gift card/voucher. A common tactic is to imitate the manner in which the senior executive/CEO sends payment instructions, or to reply to an on-going email conversation, to make the request appear credible.

How can you protect your business?

  1. Make sure your staff are alert to this type of fraud.
  2. Implement a two-step payment verification process which includes a non-email check (e.g. phone/SMS).
  3. Always use known contact details to follow up an email request. DO NOT:
    • reply directly to the email you have received; or
    • use any phone numbers or other contact information included in the email.
  4. Check email addresses before replying or acting on them.
  5. Call us immediately at 8001012553 (if you are calling from Singapore) or (65) 67239009 (if you are calling from outside Singapore), 7 days a week, 0800 - 1800 hrs, or email sg.service@icicibank.com if you notice unknown transactions appearing in your account.
  6. Customers are also encouraged to install a firewall, anti-virus and anti-spyware software on their computers and to use the latest versions of internet browsers available, which may provide advanced security features such as anti-phishing and forged website identification. If such features are available, you are advised to turn them on.

Bogus Phone Calls


Criminals/fraudsters may call and trick you into believing that they are bank officers, government officials or the police. The caller ID on your mobile phone may even appear as “999”. Criminals typically use scare tactics to threaten you and make you believe that you have committed a crime.
Criminals may then ask you to give them your online banking credentials so that they can “check” your online accounts. If you do so, the criminals will be able to log in to your online banking accounts and wipe out all the money in your bank accounts.

 

For example, the Immigration and Checkpoints Authority of Singapore (ICA) has recently issued a public advisory on scam calls from ICA. You may refer to https://www.ica.gov.sg/news-and-publications/media-releases/media-release/public-advisory-on-scam-call-from-ica for more details.

Here are some tips to protect yourself from bogus phone calls. Always keep the following in mind:

  • Government officials or bank officers will NEVER call you to ask you for your personal information, such as your online banking credentials.
  • When in doubt, always hang up the phone. For example, if the caller ID displays “999”, hang up and call or visit your nearest police post to verify the authenticity of the call.
  • Never undertake any transaction or transfer funds at the behest of such callers without verifying further details or checking with the relevant officials/authorities.

Customer Advisory on Cybercrimes taking place due to Data Synchronisation of Mobile Devices


Smartphones have features that allow data synchronisation between the mobile device and online storage or cloud services in near real time. Information that could be synchronised includes SMS, email, etc.

 

For smartphone users who have enabled the data synchronisation feature, sensitive information sent via SMS or email by financial institutions (FIs), such as one-time passwords (OTPs), can be accessed by criminals if the users’ login credentials to the online storage or cloud services have been compromised.

 

Exposed OTPs together with online banking credentials or credit card information that had been harvested from the customers can potentially be used by criminals to perform fraudulent financial transactions.

 

Users are advised to secure their mobile devices and related online accounts. To mitigate the impact of such cybercrimes, users can adopt the following good cyber hygiene measures:

  • Do not submit personal (user ID, passwords etc.) or financial (card details, account number etc.) details on unknown websites or links.
  • Never share sensitive/confidential information on social media.
  • Review your privacy settings and permissions on all devices and social media platforms, and adjust your privacy settings as appropriate.
  • Change your password regularly, using a combination of upper case, lower case, numbers and special characters.

 

If you have any doubts or want to report any suspicious/phishing email/call/transactions, call us immediately at 8001012553 (if you are calling from Singapore) or (65) 67239009 (if you are calling from outside Singapore), 7 days a week, 0800 - 1800 hrs, or email sg.service@icicibank.com.

Customer Advisory on Personal Data Leak


Reports have indicated that over 533 million Facebook users' data was recently leaked online, including data from over three million users based in Singapore. The leaked information comprised mainly the Facebook users' mobile number, profile name, profile ID and location. Some users' date of birth and email address were also included.

 

Threat actors may use the leaked information to conduct phishing and other social engineering attacks, the risk of which is already elevated in the work-from-home scenario. Facebook users should remain vigilant and look out for unsolicited phone calls and messages sent over SMS and instant messaging applications such as WhatsApp.

 

Threat actors may also use Caller ID spoofing technology to impersonate the Facebook user and conduct further attacks, such as:

  • Impersonating the Facebook user to send malicious/phishing links, request money transfers, or ask for One-Time Passwords (OTPs) to compromise their contacts' accounts
  • Using the Facebook user's details to compromise the user's other accounts, such as by resetting passwords to other online accounts, or leveraging additional easily obtainable personal information about the user to request a replacement credit or ATM card
  • Using the Facebook user's contact details to order goods and services, or make purchases under their name

 

Users should still watch out for possible phishing campaigns arising from this leak. Practising good cyber hygiene measures can help mitigate the impact:

  • Be vigilant about phishing attempts. Always be wary of suspicious emails and verify before clicking any links or downloading any attachments, especially if the email comes from an unfamiliar sender. Do not go by the sender’s name; check the full email address, including the domain name.
  • Look for spelling errors in email addresses, domain names and websites.
  • Change your passwords regularly; use a strong password of at least 12 characters which includes upper case, lower case, numbers and/or special characters. Avoid using the same password for different accounts, or using passwords that are derived from your Personally Identifiable Information (PII).
  • Turn on login alerts, if available. The platform should send you an alert when someone logs into your account from an unrecognised device or browser. Review any unrecognised login sessions for unusual account activities such as the activation of email forwarding rules to unknown accounts.
  • Be cautious in opening attachments, even if the sender appears to be known. You can hover the mouse over a link to check that you are being directed to the URL stated. Never open attachments with ".exe", ".bat" and ".vbs" extensions.
  • Do not submit personal or financial details on unknown websites or links. If there are such requests, do not click the links in the email; go directly to the website by typing the URL or by following saved bookmarks.
  • Beware of emails and links providing special offers like Covid-19 testing, vaccination, attractive prizes, rewards and cash back offers. Remember, nothing comes free.
  • Review your account privacy settings and permissions, and adjust your privacy settings as appropriate.

 

If you have any doubts or want to report any suspicious/phishing email/call/transactions, call us immediately at 8001012553 (if you are calling from Singapore) or (65) 67239009 (if you are calling from outside Singapore), 7 days a week, 0800 - 1800 hrs, or email sg.service@icicibank.com.