S’pore banks to end clickable links in SMSes & emails

S’pore banks to end clickable links in SMSes & emails

19/1/2022 4:18:00 PM

S’pore banks to end clickable links in SMSes & emails

The measures are set to kick in within the next two weeks.

MAS said in its statement on Jan. 19 that it expects all financial institutions to have in place"robust measures" to prevent and detect scams, and specified"effective incident handling andThey are also evaluating"longer-term preventative measures" in the coming months.

Removal of clickable links in emails or SMSes sent to retail customersNotification to existing mobile number or email registered with the bank whenever there is a request to change a customer’s mobile number or email addressMore frequent scam education alerts

Read more: Mothership.sg »

Warriors coach Kerr calls for gun control after Texas school shooting

BENGALURU — Golden State Warriors coach Steve Kerr refused to talk about basketball at a pre-game news conference on Tuesday (May 25) and instead called for stricter gun control after the killing of at least 18 children and an adult in a Texas school Read more >>

Safeguard for Paynow transfer too.

S'porean man shows how easy it is to spoof SMSes like those in OCBC scamMethod is 'extremely easy' for scammers to exploit. Wow that is pure evil, he needs to be locked up for life. The lesson learnt here is that, sometimes its better to have the mentality of prepare to lose a few tens to hundreds of dollars to an unauthorised 'graab' or 'lazardae' deduction, rather than to react immediately to a fake notification of unautho deduction , and lose lifesavings Please teach. We can spoof the bank accounts from the white party so they will enforce new laws and safety net because it hurt them.

Banks to remove clickable links in emails, SMSes sent to customers as part of new security measuresSINGAPORE — Banks in Singapore will be removing clickable links in emails or SMS messages sent to retail customers and set the threshold for funds transfer notifications to customers by default at S$100 or lower. These are part of several measures to protect account holders from phishing scams. It’s better to bring back traditional methods instead of relying on sms and apps online banking for those who prefers over the counters customers services.

Banks to remove clickable links in emails, SMSes sent to customers as part of new security measuresSINGAPORE — Banks in Singapore will be removing clickable links in emails or SMS messages sent to retail customers and set the threshold for funds transfer notifications to customers by default at S$100 or lower. These are part of several measures to protect account holders from phishing scams. It’s better to bring back traditional methods instead of relying on sms and apps online banking for those who prefers over the counters customers services.

DBS warns of SMS phishing scam after fake messages received by customers'DBS will never ask for your account details or OTP over the phone, email or SMS,' the bank said in a Facebook post.

Banks to tighten measures to boost digital banking security: MAS, ABSSINGAPORE: Additional measures will be put in place within the next two weeks to bolster security of digital banking services, following a recent spate of SMS phishing scams targeting bank customers.

OCBC phishing scam: Banks should stop using SMS to communicate with customers, experts saySINGAPORE — In the wake of a recent phishing scam involving hundreds of OCBC bank customers, some cybersecurity experts are suggesting that banks here do away with communicating important information such as verification codes via SMS. Then use wat? Email? Call? Telepathy? Step 1 is wrong. It should be the bang’s useless security and failed customer service. Bank’s comm with customers should be via bank’s app only. No more sms please. This is scary.

December OCBC scams that saw 469 victims lose a collective S$8.5 million. Among the new measures, banks will no longer be allowed to send clickable links in emails or SMSes to retail customers and must have a mandatory cooling-off period whenever key account changes are made. MAS said in its statement on Jan. 19 that it expects all financial institutions to have in place"robust measures" to prevent and detect scams, and specified"effective incident handling and in the event of a scam". MAS said the recent spate of phishing scams necessitates"immediate steps" to strengthen controls. They are also evaluating"longer-term preventative measures" in the coming months. No more clickable links, 12-hour delay for soft token activation MAS will work with banks in Singapore to put in place the following measures within the next two weeks: Removal of clickable links in emails or SMSes sent to retail customers Threshold for funds transfer transaction notifications to customers to be set by default at S$100 or lower Delay of at least 12 hours before activation of a new soft token on a mobile device Notification to existing mobile number or email registered with the bank whenever there is a request to change a customer’s mobile number or email address Additional safeguards, such as a cooling-off period before implementation for requests to key account changes such as in a customer’s key contact details Dedicated and well-resourced customer assistance teams to deal with feedback on potential fraud cases on a priority basis More frequent scam education alerts MAS acknowledged that these more stringent measures will lengthen the time taken for certain online banking transactions, but"will provide an additional layer of security to protect customers’ funds". Working on"permanent solutions" to combat SMS spoofing Banks will also work closely with MAS, the Singapore Police Force, and the Infocomm Media Development Authority (IMDA) to"deal with this scourge of scams". This entails finding"more permanent solutions" to combat SMS spoofing, including the adoption of the SMS Sender ID registry by all relevant stakeholders. "MAS is also intensifying its scrutiny of major financial institutions’ fraud surveillance mechanisms to ensure they are adequately equipped to deal with the growing threat of online scams," it added. The managing director of MAS, Ravi Menon said: "MAS is deeply concerned about the recent spate of scams and the financial losses suffered by victims. The threat of scams will not go away, but we can reduce our vulnerabilities. This requires a multi-pronged response across the ecosystem. MAS, together with the Police, IMDA and other relevant government agencies, is working closely with the financial industry, the telco industry, consumer groups, and other stakeholders to strengthen our collective resilience against scam attacks. We will ensure that digital banking remains secure, efficient, and trusted.” Customer vigilance"paramount" MAS said that customer vigilance"remains of paramount importance", and added that scammers are quick to adapt in targeting unsuspecting consumers. MAS wishes to remind the public of the following: Never click on links provided in SMSes or emails Never divulge internet banking credentials or passwords to anyone Verify SMSes or emails received by calling the bank directly on the hotline listed on its official website Verify that you are at the bank’s official website before making any transactions, or transact through the bank’s official mobile application Closely monitor transaction notifications so that any unauthorised payments are reported as soon as possible to increase the chances of recovery Follow and listen to our podcast here Top photo via Teck Tong Teo/Google Maps If you like what you read, follow us on