A new wave of phishing SMSes have scammed at least 103 victims of about S$161,000 in December, said the Singapore Police Force on Friday (Dec 29).

Scammers impersonated banks, attempting to get online banking usernames, passwords or one-time passwords (OTPs).

These SMSes came from a “+65” number and warned victims of unauthorised attempts to access their bank accounts, and urged them to click on embedded URL links to verify their identities and stop the transactions. Victims who clicked on the links would be directed to spoofed bank websites, where their Internet banking credentials and OTPs would be captured by scammers and used to make unauthorised withdrawals.

WhatsApp messages have also been utilised in this new wave of phishing attacks, where scammers impersonated bank security department officers. The scammers provided forged bank statements showing unauthorised transactions made with the victim’s e-wallet.

Victims realised they had been scammed when they discovered the unauthorised transactions in their actual accounts.

The police advise the public to download the ScamShield app to protect themselves from scam calls and SMSes, and to check with official sources. They reiterated that banks will never send clickable links via SMS.

GET BT IN YOUR INBOX DAILY

Start and end each day with the latest news stories and analyses delivered straight to your inbox.

Sign UpVIEW ALL

The public is also advised to set security features such as transaction limits, two-factor authentication, and multifactor authentication for bank accounts and e-wallets.