Received an SMS claiming to be from UOB? It could be a phishing website

CK Tanmail

Posted on 17 January 2018 | 2,038 views | 3 comments

The Singapore Police Force has issued an official statement on its Facebook page, warning netizens about phishing websites. 

This comes after some netizens were reportedly tricked into giving their personal information, including credit card details after responding to SMSes reportedly sent by United Overseas Bank (UOB). 

However, the victims later realised that there were unauthorised transactions in various foreign currencies made to their credit cards. 

The victims each described having received an SMS allegedly sent by UOB, in which they were asked to visit a link provided.

They would then be directed to a website that resembles a genuine bank website and asked to enter personal information, as well as credit card details. 

Among the information asked were the credit card number, date of expiry and Card Verification Value of the respective cards. 

In each of these cases, the scammers then downloaded the ‘UOB Mighty App’ without the knowledge of the victims, and entered the data provided by the victims.

This led to the victims receiving One-Time Password (OTP) prompts sent by the bank to their mobile phones, which they were asked to key into the website. 

The victims subsequently received SMS notifications that foreign transactions were made on their credit cards.

One victim, Stephen Tay posted on Facebook about his experience, saying:

“Got this SMS an hour ago and it only states a link to uob-mob_com (I switched the . to a _ to prevent Facebook from leading you to the actual link)

“Beware! This is a new form of spoofing to get your login information.

“The domain name is not owned by UOB and was just registered as the SMS was sent out.

“If you see such messages, delete them!”

In response to the incidents, the police urged members of the public to be vigilant in their post.

Read the post:

“A) Be wary when you are asked to disclose your personal information and bank account details over the internet.

“B) Beware of phishing websites that may look genuine. Look for signs that you are using a legitimate or secure website. These websites are generally encrypted to protect your details. Secure websites use 'https:' instead of 'http:' at the start of the internet address, or display a closed padlock or unbroken key icon at the bottom right corner of your browser window.

“C) Report any fraudulent charges detected in your credit card bills to your bank immediately.”

It also encouraged victims to call the helpline or go to www.scamalert.sg to get advice on scams and how to avoid them. 

Get more of Stomp's latest updates by following us on Facebook, WhatsApp, Twitter, Instagram and YouTube.

Related Stories
Received a link to survey claiming to offer $400 NTUC FairPrice gift card? It's fake
Reader claims his BMW was stuck in Monday's flood -- but Stomp's image search reveals otherwise
Several victims were cheated into providing their personal information and credit card details on DBS and SIA phishing websites (PHOTOS: THE STRAITS TIMES)
Beware of phishing emails claiming to be sent by DBS and SIA
More About: 
scam
bank
SPF