Banks have already removed clickable links in emails and text messages

The prevalence of phishing scams has been making headlines lately, with many well-known organizations being hit by scammers.

As protectors of people’s hard-earned money, banks are supposed to be safer than most.

Thus, at least 2 Singaporean banks – OCBC and DBS – have already declared that they have deployed additional security measures to combat scams.

Source, Source

A new measure is that the funds transfer amount limit for customers to receive an alert will be lowered – OCBC setting it at 1 cent.

Alerts for fund transfers set at 1 cent

Since the latest OCBC scam ripped through the accounts of more than 400 victims, a glaring spotlight has been shone on the bank.

Therefore, in addition to making full goodwill payments to the victims, they will ensure that these $8.5 million losses never happen again.

Source

One way is to detect scams early by alerting customers to funds transfers and payments from their account.

According to an OCBC press release seen by MS Newscustomers will be notified for transfers as low as 1 Singapore penny (S$0.01).

Source

This was put on Friday (21 Jan)they said, and applies to transfers including:

  1. PayNow Payments
  2. Fast and secure (FAST) transfers between banks in Singapore

Reduced PayNow daily limit

PayNow has established itself as a convenient, cashless way to pay whether for business or friends.

As part of OCBC’s new measures, the default daily limit for PayNow payments will now be $1,000, up from $5,000 previously.

Customers can even adjust this limit down to $100.

Source

The cash amount that could be transferred per transaction was $1,000 by default. It will now be $200.

These limits have been in effect since Jan. 14, OCBC said.

24-hour cooling-off period

When scammers take over a bank account, victims have noticed how quickly significant changes have been made.

As such, OCBC will institute a 24-hour cooling-off period for key account changes by Jan 31.

This follows a similar 24-hour wait for digital token provisioning that was implemented on December 31.

Clickable links in marketing emails or SMS have also been removed by the bank, as mandated by the Monetary Authority of Singapore (MAS), since January 11.

Permanent fraud team

A permanent team has also been set up to handle customer queries and reports of fraud, OCBC said.

Source

This dedicated team has been trained to help customers affected by the SMS phishing scam.

When customers call the OCBC hotline on 1800 363 3333, they can now assess an option to “escalate” reports of suspected scams.

The bank will continue to “educate and inform customers” about the scams in various ways, such as via social media and text messages.

DBS also lowers funds transfer alert limit

Another local bank, DBS, also recently warned against scammers targeting their customers.

Therefore, in line with MAS stipulations, they will also be rolling out their own stricter measures, they said in an email sent to customers which was seen by MS News.

Source

Like OCBC, they will lower the limit so customers are alerted when funds are transferred to their account.

Notifications will be sent for transactions of $100 or less, by default, DBS said.

Customers will also be able to adjust this limit, allowing the bank to send them an alert for transfer amounts as low as $1, via internet banking.

Guarantees for account changes

When scammers take over an account, one of the things they can do is change its registered email address or mobile phone number.

So when DBS receives such a request, it now notifies the existing email or mobile registered with the bank.

Where they receive requests to change other key account details, such as a customer’s contact details, there will also be a cooling off period.

Before activating a new software token on a mobile device, there will also be a delay of at least 12 hours.

Such measures will hopefully serve to deter or slow down scammers gaining access to an account.

No more non-essential texts

Most bank customers are accustomed to receiving occasional promotional text messages from banks.

Source

However, DBS will stop this practice for good, pledging to stop sending non-essential text messages to retail and wealthy customers.

Even essential texts that the bank will send – usually for security and commercial notifications and OTP authentication – will not have clickable links.

DBS advised customers not to click on any links in texts that appear to be from the bank.

They assured that they would never ask for sensitive information such as account details, user ID, PIN or OTPs over phone, email or SMS.

The bank will also send educational scam alerts to customers, and their dedicated teams will prioritize feedback on cases of suspected fraud.

Kudos for their quick action

Kudos to the banks for taking swift action against the scams.

As customers, we also need to educate ourselves about scams and strive to be vigilant.

Hopefully, with these measures and public attention, fewer people will fall prey to these nefarious acts.

Do you have news to share? Contact us by email at [email protected]

Featured image adapted from Google Maps and Google Maps.