Search the Community

Let's start with this https://www.straitstimes.com/singapore/courts-crime/ocbc-bank-customer-lost-120k-in-fake-text-message-scam-another-had-250k-stolen Young couple lost $120k in fake text message scam targeting OCBC Bank customers SINGAPORE - It took a man and his wife five years to save about $120,000, but in just 30 minutes, scammers using a fake text message stole the money they had kept in their OCBC Bank joint savings account. The couple in their 20s were among at least 469 people who reportedly fell victim to phishing scams involving OCBC in the last two weeks of December last year. The victims lost around $8.5 million in total. The husband works in the e-commerce sector, while his wife is in the hospitality industry. The man said he received the phishing message with a link at around noon on Dec 21 last year. A 38-year-old software engineer who fell prey to the same scam on Dec 28 told ST that he lost about $250,000 he had been saving since 2010. The father of a young child with special needs said the loss has been devastating, and he has been hiding it from his family. The bank said it has since halted its plans to phase out physical hardware tokens by the end of March this year, and has also stopped sending SMSes with links in them in the light of the spate of phishing incidents. Cyber security expert Anthony Lim, who is also a fellow at the Singapore University of Social Sciences, said scammers have advanced software enabling them to spoof telecommunications services and send SMSes that appear in the same threads used by real organisations. He added that even if victims did not provide their one-time passwords (OTPs), they would have sealed their fate when they entered other bank details on the fraudulent sites. "Once the victim unwittingly responds by entering the bank account credentials, the hackers' technologies can divert and capture a copy of the SMS OTP issued by the bank," he said.