Scams and banks

JANUARY 23 — I like to think of myself as savvy enough — which is to say when waiting for my lift at the void deck, I find the posters that caution against sending money to a pretty woman online, amusing.

The arrogance is that I believed that I was smart enough to see a scam and not get involved. Recent headlines, however, have made clear how wrong I was.

Anyone of us can get scammed — we all need to be careful but in addition to this, we need to ensure there are enough avenues for recourse in the event it happens.

As of December last year, some 469 OCBC customers have reported losing about S$8.5 million (RM26.4 million) in phishing scams.

Between the 24th and 26th of December, 2.7 million dollars worth of scams were reported.

This is a single bank.

Actually the scale of the problem is much larger. Scams occur across multiple banks, financial institutions and shopping platforms and anywhere else that receives and sends money online.

Still bank fraud remains the most worrying as that is where the vast majority of people keep the majority of their money.

So if hackers and scammers gain access to your bank account, they can ruin your life.

OCBC described a recent phishing scam that hit its customers as ‘particularly aggressive and highly coordinated’, becoming increasingly frequent over the year-end holiday period in 2021. — Reuters pic
OCBC described a recent phishing scam that hit its customers as ‘particularly aggressive and highly coordinated’, becoming increasingly frequent over the year-end holiday period in 2021. — Reuters pic

Recently frauds have occurred on a life changing scale. A civil servant was reported to have lost S$500,000 — effectively his entire life savings — and a young software engineer lost S$250,000.

These sums were taken in a sophisticated scam. The victims received SMS messages from what appeared to be OCBC’s official phone number telling them to click on a link due to suspicious activity/problems with their online bank accounts.

The wording and source of the messages seemed authentic and when the victims clicked on the link, they were redirected to a site that looked exactly like the original OCBC site.

The users then entered their usernames and passwords and their One Time Security Passwords. With this information, scammers were able to secure access to the victims’ real bank accounts.

With this access, the scammers transferred funds out of the accounts, rapidly re-transferring the money to other accounts — making it hard to trace.

The manipulation of legitimate phone numbers and extremely well cloned spam sites and URLS make this a scam one that virtually anyone could fall for.

When the frauds were reported, OCBC hesitated to offer the victims full compensation — saying that primary liability for safety lay with individual users and that recovery of stolen funds would be extremely difficult.

But as more stories of life changing scams were reported, the bank appeared to change course and offered victims full compensation.

The Monetary Authority of Singapore also issued new security directives pushing banks to tighten security around their online services.

Banks will now no longer be able to communicate with embedded links and customers will receive notifications of even minor amounts of money leaving their accounts.

However, no matter how fast guidelines are tightened new scams will emerge and banks may not be willing or able to compensate everyone.

So, as with most things, the key really is to be extremely protective of our online account details and wary of any unusual messaging even from what seems to be our banks.

However, part of the problem is the difficulty contacting banks. It can take ages to get through to a customer service executive on the phone.

The victims of the recent frauds also complained that it took them a lot of time to get through to the banks and that executives were often less than helpful.

If I receive a suspicious seeming message I should be able to contact the bank immediately and ascertain its authenticity. Dedicated lines, chats, should be introduced to allow customers to verify and report suspicious activity rapidly.

*This is the personal opinion of the columnist.

Related Articles Anti-vaccine group founder, doctor in Singapore charged with conspiracy to submit fake Covid-19 vaccination records Singapore agency urges caregivers of children with special needs to seek help, after 11-year-old boys’ deaths Singaporeans grieve at Greenridge Crescent canal over 11-year-old boys’ deaths; fellow condo residents in disbelief

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting