7 arrested for their involvement in SMS banking-related phishing cases

Seven people, aged between 18 and 27, were arrested for their suspected involvement in a recent spate of SMS banking-related phishing scam cases, the police said in a statement.

The arrests were made following an islandwide anti-scam enforcement operation by the Commercial Affairs Department that was conducted between Jan 15 and 16.

Preliminary investigations revealed that the seven people had allegedly facilitated the scam cases by giving up their bank accounts and Internet banking credentials, and/or disclosing their Singpass credentials for monetary gains.

The police said they received several reports of SMS banking-related phishing in January.

The scammers would impersonate DBS bank or bank staff through spoofed SMSes to phish for victims' banking credentials, resulting in unauthorised transactions made from the victims' bank accounts.

The victims would receive unsolicited SMSes claiming to represent DBS/POSB bank.

These messages would warn the victims of possible unauthorised attempts to access their DBS bank accounts, urging them to click on the embedded URL links to verify their identities and stop the transactions.

After clicking on the links, the victims were directed to spoofed DBS bank websites and misled into providing their Internet banking credentials and one-time passwords (OTPs). The scammers would use these to make unauthorised withdrawals.

Six of the seven people arrested, aged 19 to 27, will be charged in court with the offence of abetting unknown persons to secure unauthorised access to the bank's computer system.

First-time offenders can be jailed up to two years, or fined up to $5,000, or both.

An 18-year-old male teen will be charged in court with the offence of disclosing Singpass credentials.

First-time offenders can be jailed for up to three years, and fined up to $10,000, or both.

The police said they will spare no effort to track down cybercriminals and individuals responsible for SMS banking-related phishing cases and will continue to take tough enforcement actions against those who flour the law.

"To avoid being an accomplice in these crimes, members of the public should always reject seemingly attractive money-making opportunities promising fast and easy pay-outs for the use of their Singpass accounts, bank accounts or allow their personal bank accounts to be used to receive and transfer money for others," the police said.

The police added that individuals will be held accountable if they are found to be linked to such crimes.

Members of the public are advised to follow these crime prevention measures:

• ADD – ScamShield App to protect yourself from scam calls and SMSes. Set security features such as transaction limits for Internet banking transactions and enable multifactor authentication for banks and e-wallets).

• CHECK – For scam signs with official sources such as the ScamShield WhatsApp bot @ go.gov.sg/scamshield-bot, call the Anti-Scam Helpline at 1800-722-6688 or visit www.scamalert.sg. Banks will never send you clickable links via SMS. Look out for tell-tale signs of a phishing website and never disclose your personal or banking credentials, including OTPs to anyone, even one claiming to be a bank officer.

• TELL – authorities, family, and friends about scams. Report any fraudulent transactions to your bank immediately.

If you have any information relating to such crimes or if you are in doubt, please call the police hotline at 1800-255-0000, or submit it online at www.police.gov.sg/iwitness. All information will be kept strictly confidential. If you require urgent police assistance, please dial 999.