Seven persons, aged 18 to 27, were arrested for their suspected involvement in the recent spate of SMS banking-related phishing scam cases, following an island-wide anti-scam enforcement operation that was conducted between 15 and 16 January 2024.
During the two-day operation, officers from the Commercial Affairs Department mounted simultaneous island-wide operations and arrested the seven persons. Preliminary investigations revealed that the seven persons had allegedly facilitated the scam cases by relinquishing their bank accounts and Internet banking credentials, and/or disclosing Singpass credentials for monetary gains.
Since January 2024, the Police received several reports of SMS banking-related phishing scams. where the scammers would impersonate DBS bank or the bank staff through spoofed SMSes, to phish for victims’ banking credentials, resulting in unauthorised transactions made from the victims’ bank accounts. In these cases, the victims would receive unsolicited SMSes (bearing overseas numbers, local numbers or short codes) claiming to represent DBS/POSB bank. These SMSes would warn the victims of possible unauthorised attempts to access their DBS bank accounts, urging them to click on the embedded URL links to verify their identities and stop the transactions. After clicking on the links, the victims were directed to spoofed DBS bank websites and misled into providing their Internet banking credentials and One-Time-Passwords (OTPs), which the scammers would use to make unauthorised withdrawals.
Six persons, aged 19 to 27, will be charged in court with the offence of abetting unknown persons to secure unauthorised access to the bank’s computer system under Section 3(1) read with Section 12 and Section 14 of the Computer Misuse Act 1993. For first-time offenders, the offence carries a fine not exceeding $5,000, an imprisonment term not exceeding two years, or both. An 18-year-old male teenager will be charged in court with the offence of disclosing Singpass credentials under Section 8(2)(a) of the Computer Misuse Act 1993. For first-time offenders, the offence carries an imprisonment term not exceeding three years, a fine not exceeding $10,000, or both
The Police will spare no effort to track down cybercriminals and individuals responsible for SMS banking-related phishing cases and will continue to take tough enforcement actions against those who flout the law. To avoid being an accomplice in these crimes, members of the public should always reject seemingly attractive money-making opportunities promising fast and easy pay-outs for the use of their Singpass accounts, bank accounts, or allow their personal bank accounts to be used to receive and transfer money for others. The Police would like to remind members of the public that individuals will be held accountable if they are found to be linked to such crimes.
The Police would like to advise members of the public to be on heightened alert and to follow these crime prevention measures:
- ADD – Add the ScamShield App to protect yourself from scam calls and SMSes. Set security features (e.g. set up transaction limits for internet banking transactions, enable Two-Factor Authentication (2FA), Multifactor Authentication for banks and e-wallets).
- CHECK – Check the official sources. DBS bank and other banks will never send you clickable links via SMS. Neither will their employees call you to ask for your internet banking credentials or OTPs. Be extremely wary of any unsolicited links in SMSes which leads you to a bank’s website. Never disclose your personal or banking credentials, including OTPs to anyone. Always verify the authenticity of claims of problems with your bank account or cards issued by the bank with the official bank website or sources.
- TELL – Tell authorities, family, and friends about scams. Remember to spread the word to your loved ones that banks do not send clickable links via SMS. Report any fraudulent transactions to DBS bank immediately.
For more information on scams, members of the public can visit www.scamalert.sg or call the Anti-Scam Helpline at 1800-722-6688. Anyone with information on such scams may call the Police Hotline at 1800-255-0000 or submit information online at www.police.gov.sg/iwitness. All information will be kept strictly confidential.
SINGAPORE POLICE FORCE
16 January 2024 @ 7:20 PM