OCBC phishing scam left victim broke and starving on Christmas Day
SINGAPORE — Being penniless and hungry on Christmas Day was not something that 33-year-old Trisha (not her real name), whose OCBC bank account was targeted by scammers through an SMS phishing scam on Christmas Eve last month, ever imagined could happen to her. Test (F&B) test
Like many others who received a text message disguised as an official message from the bank, the Singaporean clicked on a link in the fake message that exhorted her to activate the bank’s OneToken authentication tool.
- Six scam victims said the fact that the fake message appeared in the SMS thread used by OCBC was why they mistakenly thought that the link in the message was credible
- At least 469 bank customers were affected by the phishing scam, totalling around S$8.5 million in losses
- Some did not give scammers their one-time passwords, but their accounts were hijacked anyway
- The bank has said it is rendering assistance to affected customers
Quiz of the week
How well do you know the news? Test your knowledge.
SINGAPORE — Being penniless and hungry on Christmas Day was not something that 33-year-old Trisha (not her real name), whose OCBC bank account was targeted by scammers through an SMS phishing scam on Christmas Eve last month, ever imagined could happen to her.
Like many others who received a text message disguised as an official message from the bank, the Singaporean clicked on a link in the fake message that exhorted her to activate the bank’s OneToken authentication tool.
Guarding against sms PHISHING
OCBC said the success of scammers hinges on being able to obtain personal banking details from bank customers. Here are some mobile banking tips to guard against SMS phishing:
- Do not disclose personal banking details to unverified sites
- Mobile access to bank accounts should always be done using the official banking or payment app
- Key in the bank’s website address directly into the phone browser, instead of using a link
- Check that the website address is legitimate before submitting any sensitive account information
- Update your mobile phone with the latest security patches
- Use strong passwords for different websites and avoid reusing passwords
- Keep up-to-date with the latest tactics by scammers
Guarding against sms phishing
OCBC said the success of scammers hinges on being able to obtain personal banking details from bank customers. Here are some mobile banking tips to guard against SMS phishing:
| 1 | Do not disclose personal banking details to unverified sites |
| 2 | Mobile access to bank accounts should always be done using the official banking or payment app |
| 3 | Key in the bank’s website address directly into the phone browser, instead of using a link |
| 4 | Check that the website address is legitimate before submitting any sensitive account information |
| 5 | Update your mobile phone with the latest security patches |
| 6 | Use strong passwords for different websites and avoid reusing passwords |
| 7 | Keep up-to-date with the latest tactics by scammers |
Stay in the know. Anytime. Anywhere.
Subscribe to our newsletter for the top features, insights and must reads delivered straight to your inbox.
By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.
