Security and Privacy

New Scam Alerts

Additional measures to protect you from scams

24 January 2022

Maybank Singapore, in consultation with the Monetary Authority of Singapore, will be implementing stricter measures by 31 January 2022 to lower the risks of online fraud. These safeguards include (but is not limited to) phasing out clickable links in SMSes and emails sent to you, revising the default threshold for local and overseas funds transfer notifications and delaying the activation of Secure2u (digital token) by at least 12 hours. For details, please refer to FAQ.

Please change your password immediately as soon as you suspect that you have fallen victim for a fraud. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

How scam savvy are you?

Take the National Crime Prevention Council's anti-scam quiz to find out.

Take the quiz now

Disclaimer: By clicking the “Take the Quiz Now” button, please note that you will be brought to National Crime Prevention Council’s website, a third party website. The contents and the use of the website is subject to their terms, including those related to confidentiality, privacy and security.

Impersonation Scam Calls (Maybank Staff)

23 May 2022

We have received reports of ongoing scam calls to victims impersonating Maybank staff. Victims received the calls from +65 6275 XXXX, +65 6330 XXXX, +65 6275 2669, +65 6235 6694 and +65 6475 2901 and are required to verify the transactions (These are not valid Maybank hotline numbers).

List of information that victims are informed by the scammers (but is not limited to):

  • An unauthorised Maybank account (5304-XXXX-1190) is opened under their names
  • Large amounts are transferred to another bank
  • Verification is needed to confirm on the recent personal loan application
  • An outstanding personal loan account (7790-XX-4489) is due for payment
  • Accounts may be compromised and scammer offered to transfer the call to government officials

 

How can you protect yourself from scams?

  • Beware of incoming calls with the ‘+65’ prefix.  Do not pick up such calls if you are not expecting anyone calling from overseas.
  • Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Never reply to unsolicited calls. Responding to such calls may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of SMS Phishing Scams Targeting Banks

21 May 2022

There have been reports of an influx of SMS phishing scams targeting banks where the victims first received the SMS alert informing them that their credit cards have been suspended and to activate, they have to call the number ‘3129 XXXX’. The scammers would then call the victims back and request the victims to provide card details and OTPs. These led to subsequent unauthorised card usage.

Sample of Fake SMS Alert

 

How can you protect yourself from scams?

  • Be wary of fake SMSes with spoofed headers and contents with grammatical errors.
  • Ignore the instructions given if you receive unsolicited calls via phone or messaging applications. Maybank will not request for personal information, banking credentials or OTPs through phone calls or messaging applications.
  • Do not share your confidential banking or card details such as username, password, One-Time Password (OTP) or card CVV details with others.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Impersonation Scam

25 April 2022

We have received reports of ongoing scam calls to victims impersonating Maybank staff. Victims received the calls from +65 6275 XXXX, +65 6330 XXXX, +65 6275 2669, +65 6235 6694 and +65 6475 2901 and are required to verify the transactions (These are not valid Maybank hotline numbers). Victims are also informed that there is either an unauthorised Maybank account (5304-XXXX-1190) opened under their names or large amounts are transferred to another bank account.

 

How can you protect yourself from scams?

  • Beware of incoming calls with the ‘+65’ prefix.  Do not pick up such calls if you are not expecting anyone calling from overseas.
  • Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Never reply to unsolicited calls. Responding to such calls may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Impersonation Scam - SMS Phishing Scam

22 April 2022

We have received reports of SMS phishing scams purportedly sent from ‘MAYBANK’ impersonating Maybank. Customers are informed that there has been a login attempt from a new device and are directed to click on a link if the login is not performed by them. Do not click on these links as these SMSes are not sent by Maybank.

Sample of the fake SMS – April 2022

 

How to protect yourself from being a victim of scams?

  • Please note that Maybank does not send SMSes or emails that contain clickable links. Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of Job Scams

11 April 2022

Beware of job scam advertisements that are posted on social media platforms claiming to be job recruiters. Scammers would claim to be recruiting for jobs that offer high commission for reviewing of travel packages, promoting merchant products or watching movie trailers on dubious platforms.
Do not accept these dubious job opportunities that offer lucrative returns for minimal effort or asking for upfront payments before you start work on the promise of a refund with a commission. These are common tactics used by scammers to lure you into participating in their schemes or scams.

 

How to protect yourself from being a victim of scams?

  • Ignore unsolicited messages advertising job offers from unknown numbers or unknown foreign numbers.
  • Never download applications from unverified sources and ensure that the applications are downloaded directly from the official Apple app store or Google Play store
  • Reject requests to use your personal bank accounts to receive and transfer money for others to avoid being involved in money laundering activities.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of China Officials Impersonation Scams

22 March 2022

There have been reports of elderly victims being targeted by scammers claiming to be China officials via unsolicited phones calls. The scammers would inform the victims that they were under investigations for various offences such as illegally opening a bank account in China and money laundering offences and would request for victims’ particulars and banking credentials for investigation.

In these cases, the scammers would get money mules to escort the victims to the bank counters to withdraw money or to fill up forms to activate their iBanking in order to transfer out sums of money from the victim’s bank account. It was observed that the victims are taught what to say in order to assure the bank staff of their actions.

 

How to protect yourself from being a victim of scams?

  • No foreign law enforcement or authority can investigate offences here in Singapore.
  • Ignore the instructions given if you receive unsolicited calls via phone. No government agency will request for personal information, banking credentials or OTPs through phone calls.
  • Do not share your banking or card details such as username, password, One-Time Password (OTP) or card CVV details with others.
  • Always verify the authenticity of the information by contacting the relevant government agencies through their official hotlines.
  • Change your online banking password immediately as soon as you suspect that your online banking has been compromised. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of Tech Support Scams

10 March 2022

Please be vigilant of scammers impersonating staff from technical companies such as Microsoft, local telecommunication service providers or officers from government agencies who are offering technical support.

In these cases, the victim would receive pop up message on their electronic devices indicating that a virus had been detected or an issue with an application. Victims would click on the pop-up message which directs them to call a number for help. The scammer would then instruct the victims to install remote access applications such as ‘Anydesk’, ‘Ultraviewer’ or ‘TeamViewer’. The scammers would also access victims’ Singpass accounts. Victims would realise that something was amiss when they received notifications in their Singpass Inbox that their personal details have been retrieved or misused.

How to protect yourself from being a victim of scams?

  • Install anti-virus, anti-spyware/malware, and firewall on your computer and perform regular updates.
  • Do not share your banking or card details such as username, password, One-Time Password (OTP) or card CVV details with others.
  • Always verify the authenticity of the information by contacting the relevant government agencies through their official hotline, if you are unsure of whether something is a scam.
  • Change your online banking password immediately as soon as you suspect that your online banking has been compromised. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Beware of Business Emails Compromise Scams

9 March 2022

Please be vigilant of business email compromise scams. Scammers would hack into corporate emails or use spoofed email addresses, impersonating CEOs, business partners, employees of companies or suppliers to defraud victims into transferring money to their bank accounts for business partners or salaries of other employees. 

The scammers may also instruct the victims to purchase gift cards for work purposes or request for goods to be delivered and would trick the victims through fake invoices/purchase orders.  Victims realised that they have been scammed when they were informed that the funds or salaries were not received and there were discrepancies in the email addresses or after checking with their colleagues.

Signs to watch for in scam emails:

  • Spelling/grammatical mistakes in the email contents
  • Urgency for immediate payments to be made
  • Unexpected changes to bank account details
  • Emails instructing to purchase iTunes/Google Play cards on the pretext of work

 

How to protect yourself from being a victim of scams?

  • Be alert of any new or changes in the payment instructions and bank accounts
  • Use strong passwords and enable two-factor authentication (2FA) where possible on email accounts. 
  • Consider installing email authentication tools such as Domain-based Message Authentication, Reporting and Conformance, DMARC (dmarc.globalcyberalliance.org), which can help detect fraudulent emails.
  • Install anti-virus, anti-spyware/malware, and firewall on your computer and perform regular updates.
  • If you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Singpass QR Code Scam

5 March 2022

We received reports of ongoing Singpass QR code scam whereby scammers would mislead victims into scanning Singpass QR codes and promise them monetary rewards for their participation in various surveys. The scammers would request for the victims to scan a Singpass QR code with their Singpass app, claiming it was part of the verification process for disbursement of the monetary rewards.

However, the Singpass QR codes are fake and victims would unintentionally give the scammers access to certain online services; such as registering businesses, subscribing for new mobile lines or opening new bank accounts under the victim’s name. Victims would only realise something was amiss when they receive notifications in their Singpass Inbox that their personal details have been retrieved or misused.

Annex A:

Sample of Singpass QR code used by scammers:

 

How to protect yourself from being a victim of scams?

  • Never scan any Singpass QR code sent to you by someone else. You should only scan the Singpass QR code on the official website of the e-service that you want to access, or tap on Singpass QR codes on the official apps of these e-services.
  • Always verify with official sources on whether the information you have received is sent by the organisation and if the transaction involves authentication using the Singpass app.
  • After scanning a Singpass QR code, always check the consent screen on your Singpass app to verify the legitimacy of the digital service you are accessing. Ensure that the domain URL displayed on your Singpass app matches that in the browser address bar. If otherwise, do not tap on the ‘Log In’ button on the consent screen.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others.
  • Please change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

COE Loan Renewal Phishing Scam

15 February 2022

We received reports of ongoing car COE loan phishing advertisements appearing on Google searches which are being tagged to Maybank. The advertisement suggests that COE loan renewals can be done with Maybank.

Please note that Maybank does not have such partnerships with Oneshift and Carousell.

Sample of Phishing Google advertisement:

 

How to protect yourself from being a victim of scams?

  • Be alert and always verify the authenticity of the information with the official website or sources.
  • Do not reply or click on URLs in unsolicited and suspicious emails.
  • Do not share your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others.
  • Please change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of SMS Phishing Scams / Alert

10 February 2022

Beware of re-emergence of SMS phishing scams where scammers impersonate delivery companies. Targeted members of the public are warned of either 1) outstanding payments for parcel deliveries that are required to be paid before their item(s) can be delivered, or 2) a need to update their credit/debit card information, and are asked to log onto a phishing website to make the payment or update the credit/debit card information respectively. Users who click on the link are asked to provide their credit/debit card details and One-Time Password (OTP), which are subsequently stolen by the scammers.

Annex A: Sample of fake Singpost SMS

Additionally, there are also reports of a phishing SMS purportedly sent by banks (e.g. Sender ID ‘SMS Alert’), which state that an individual’s debit and credit cards have been temporarily blocked, and requests for the individual to call a listed number to unblock the cards. Users who call the number will speak to a scammer, who may trick them into divulging confidential credit card and internet banking information.

Annex B: Sample of fake SMS Alert

 

How to protect yourself from being a victim of scams?

  • Be wary of fake SMSes with spoofed headers grammatical errors.
  • Do not call unofficial telephone numbers and click on URL links provided in unsolicited emails and text messages. With effect from 31 January 2022, banks have removed the clickable links in both email and SMS notifications. Always verify the authenticity of the information with the official websites or sources.
  • Never reply to unsolicited SMSes. Responding to such SMSes may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of Phishing Scams Involving Application of E-wallets

9 February 2022

Beware of a re-emergence of video call phishing scams where scammers impersonate government agency officials, including those from Singapore Police Force (SPF) and Ministry of Manpower (MOM). Targeted members of the public will receive unsolicited video calls from the scammers via messaging applications, such as WhatsApp, Viber, and IMO, who will request for the individual’s personal information, banking credentials and One-Time Password (OTP), under the guise of ‘verification purposes’ or ‘assisting in investigations’.

The scammers will then create e-wallets on applications such as DBS PayLah!, Singtel Dash or GrabPay in the victims’ names, and use the e-wallets to withdraw money from the victims’ back accounts.

The Police would like to emphasise that these calls are NOT made by police officers.

Annex A: Sample of fake video calls

 

How can you protect yourself from scams?

  • Ignore the instructions given if you receive unsolicited calls via phone or messaging applications. No government agency will request for personal information, banking credentials or OTPs through phone calls or messaging applications.
  • Do not share your banking or card details such as username, password, One-Time Password (OTP) or card CVV details with others.
  • Always verify the authenticity of the information by contacting the relevant government agencies through their official hotline, if you are unsure of whether something is a scam.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of Tech Support Scams

29 January 2022

There are recent reports of the re-emergence of Tech Support Scams. Please be vigilant of scammers impersonating staff from local telecommunication service providers or officers from government agencies who are offering technical support.

Since 15 April 2020, only overseas calls will show a ‘+’ prefix before the number showing on your caller ID. Calls received from local numbers will no longer carry a ‘+’ prefix.
Example 1: +6955 0221

This is likely to be a spoofed call. For local numbers, there will not be a ‘+’ prefix.
Example 2: +4241 2345

This is an overseas caller; be vigilant if you are not expecting an overseas call.

The scammers may instruct the victims to install applications, type commands into their computers or log onto their online banking account.

Government agencies and service providers will not request for your confidential personal details or access to your online banking account over the phone or through automated voice machines.

How can you protect yourself?

  • Beware of unsolicited calls from persons claiming to be a staff of the service provider or government officials
  • Be vigilant when answering calls showing a ‘+’ prefix, especially if you are not expecting any overseas calls.
  • Verify the authenticity of the call with the organisation.
  • Do not share your personal or internet banking details and OTP with anyone.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report

Beware of Rising SMS/Email Phishing Scams

19 January 2022

There are recent reports of SMS and email phishing scams targeting bank customers in Singapore. The SMSes with spoofed headers or fictitious email addresses may appear to be sent from Maybank and include links to unfamiliar websites. These are phishing attempts and are not sent out by Maybank even though they may appear in the same thread as the legitimate SMSes from MaybankSG.

How can you protect yourself from scams?

  • Be alert and always verify the authenticity of the information with the official Maybank website URL (www.maybank2u.com.sg). Do not respond to requests to perform funds transfer to unknown account numbers.
  • Do not share your banking credentials such as username, password, One-Time Password (OTP) or bank account details with others.
  • Never reply to unsolicited calls, SMS or emails. Responding to such calls, SMSes or emails may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

 

Time Deposit Scams

28 December 2021

We have received reports of ongoing impersonation scams involving scammers impersonating Maybank staff and calling individuals to offer ‘Time Deposit Promotions’, and Fixed Deposit accounts. Targeted members of the public may be tricked into divulging their personal details, including bank details, One-Time Password (OTP), or to transfer money to unknown bank accounts.

Scammers offering the Fixed Deposit accounts may also send a phishing email including details of the ‘Fixed Deposit account’ to targeted members of the public and request for victims to deposit money to an unknown bank account.

Sample 1 of the fake Email

Sample 2 of the fake Email

The phone numbers reportedly used by the scammers include ‘68179208’, ‘+65 66028206’, ‘+65 68179208’, and ‘+65 67089332’. These are NOT valid Maybank hotline numbers.

Maybank will not request for application of Time Deposit accounts or Fixed Deposit accounts through calls, SMSes or emails. Do not respond to requests to perform funds transfer to unknown account numbers other than your account number(s) maintained with Maybank.

How can you protect yourself from scams?

  • Be alert and always verify the authenticity of the information with the official Maybank website URL (www.maybank2u.com.sg) about opening of bank accounts and bank promotions. Do not respond to requests to perform funds transfer to unknown account numbers other than your account number(s) maintained with Maybank.
  • Do not share your banking credentials such as username, password, One-Time Password (OTP) or bank account details with others.
  • Never reply to unsolicited SMS or emails. Responding to such SMSes or emails may be used by scammers for social engineering or to trick victims into divulging confidential account and internet banking information.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Impersonation Scams

13 December 2021

We have received reports of ongoing SMS scams purportedly sent from ‘MaybankSG’ impersonating Maybank. Customers were informed to reallocate their funds to another Maybank account and to call +65 66028206 (This is not a valid Maybank hotline number) for verification of customers’ details.

These SMSes are not sent by Maybank.

Sample of the fake SMS - December 2021

 

How can you protect yourself from scams?

  • Be alert and always verify the authenticity of the information with the official website or sources.
  • Contact us at 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to verify the contents of the SMS.
  • Never reply to unsolicited SMS or emails. Responding to such SMSes or emails may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.

Job Scams Involving "Filmgo" related companies

7 December 2021

The Police would like to alert the public to a new variant of job scam where victims are invited to participate in jobs that allow them to earn commission through buying and selling movie tickets linked to various companies with the name “Filmgo”. Since November 2021, at least 41 victims have fallen prey to this scam, with losses amounting to at least S$203,000.

In these cases, the scammers would befriend victims on messaging applications such as MiChat and WeChat. These scammers would then introduce victims to purported job offers that would allow them to earn commission through the buying and selling of movie tickets involving various companies, such as Filmgo Production and Filmgo Digital etc. Victims would be directed to sign up for accounts on the “Filmgo” websites provided by the scammers. These websites would also offer mobile applications for victims to download and use its services conveniently.

Victims would be required to top-up their “Filmgo” accounts in order to buy and sell movie tickets and earn commissions, and the scammers would provide victims with bank accounts belonging to unknown individuals for the payment to be made. Most of the time, the victims would be convinced that their work was legitimate as their “Filmgo” account indicated the commissions they received after completing the jobs. However, victims would eventually discover that they had been scammed when they were unable to withdraw the money from their “Filmgo” accounts.

Annex A - Dec 2021

 

How to protect yourself from being a victim of scams

  • Do not accept dubious job offers that offer lucrative returns for minimal effort.
  • Never download applications from unverified sources.
  • Always verify the authenticity of the information with the official website or sources.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report

Phishing Scams Involving Singapore Bicentennial Commemorative Notes

6 December 2021

The Police have received numerous reports of phishing scams involving text messages from scammers, where victims were allegedly directed to spoofed banking websites after being purportedly notified of their eligibility to receive Singapore Bicentennial commemorative notes.

Victims of such phishing scams would receive text messages from scammers that they are eligible to receive free Singapore Bicentennial commemorative notes and were directed to allegedly spoofed URLs. Upon clicking on the URLs, victims will be redirected to fraudulent websites which resembled the homepage of the purported bank’s internet banking website. Victims would then key in their internet banking credentials, thinking that this is necessary to receive the notes. Victims would only realise that they have been scammed when they discover unauthorised transfers of monies out of their bank accounts.

Sample of fake SMSes – Dec 2021

 

How to protect yourself from being a victim of scams

  • Be wary of fake SMSes with spoofed headers and check for grammatical errors in the message.
  • Do not click on URL links provided in unsolicited emails and text messages.
  • Always verify the authenticity of the information with the official website or sources.
  • Never reply to unsolicited SMS. Responding to such SMSes may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

Re-emergence of fake SMS scams with spoofed bank headers targeting bank customers

25 November 2021

The Police would like to alert members of the public to a re-emerging trend where scammers would send SMSes with spoofed headers of banks to victims, claiming to offer fixed deposits with high interest rates.

Victims would receive SMSes with spoofed headers, purportedly from a bank, advertising fixed deposit promotions offering high interest rates. Victims would be instructed to contact a number provided within the SMS to express their interest and obtain more details about the promotion. Once contacted, scammers would then attempt to get victims to divulge their personal details, such as bank details or One-Time Password (OTP), or transfer money to unknown bank accounts.

Sample of fake SMSes - Nov 2021

How to protect yourself from being a victim of scams

  • Be wary of fake SMSes with spoofed headers and check for grammatical errors in the message.
  • Always verify the authenticity of the information with the official website or sources.
  • Never reply to unsolicited SMS. Responding to such SMSes may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

Re-emergence of Phishing Email on Maybank Loyalty Programme

16 November 2021

We received reports of ongoing survey scams involving emails which are sent from MayBank-REWARDS (may.yagkbmaqsf@tohsyo-c.co.jp). The scam email tricks the victim to participate in a short survey in order to enjoy cash rewards. Upon clicking “Take the survey”, the phishing website will request the victim to provide confidential card information (e.g. Card Number, One-time Password, CVV number).  

Please note that Maybank did not conduct such surveys. The email address, email contents and URL links mentioned in the scam email below are not from Maybank Singapore Limited.

Sample of the scam email – November 2021

How can you protect yourself?

  • Be alert and always verify the authenticity of such surveys by calling 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).
  • Do not reply or click on URLs in unsolicited and suspicious emails.
  • Do not share your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others. Maybank will also not require you to key in confidential bank account or card details for such surveys.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect you have been a victim of fraud.

Payment Scams

3 November 2021

We received reports of ongoing payment scams involving scammers impersonating Maybank staff and requesting the victims to arrange for alternative payment modes for their facilities with Maybank. Scammers will also email the details to the victims using a fictitious Maybank email address.

Please note that the email address and the email contents mentioned in the email are not from Maybank. Maybank will not request for alternative payments to be made to unknown account numbers other than your account number(s) and/or credit card number(s) maintained with Maybank. For credit card payment methods, please refer to our website maybank.sg/ccpayment .

Sample of the scam email – Nov 2021

How can you protect yourself?

  • Be alert and always verify the details from Maybank. Do not respond to requests to perform funds transfer to unknown account numbers other than your account number and/or credit card number maintained with Maybank.
  • Do not share your banking credentials such as username, password, One-Time Password (OTP) or bank account details with others.
  • Use the official Maybank website by typing the Maybank website URL (www.maybank2u.com.sg) to find out the payment methods for the respective Maybank facilities.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to verify the contents of the email or if you suspect that you have been a victim of scams.

Car Loan Scam

12 October 2021

The latest car loan scam involves scammers using a purported bank’s letter, requesting victims to perform early settlement under the company Swift Consumer Service “SCS” in order to enjoy rebates or other incentives. Impersonating as bank staff, scammers usually answer queries from a fake phone number and reply emails using a fictitious Maybank email address.

Please note that the email address, email contents and names of individuals mentioned in the letter are not from Maybank Singapore Limited. For car loan settlement, please refer to the payment modes under FAQ 6 . Funds transfer and telegraphic bank transfer are not the listed payment options for car loan full settlement.

Sample of the scam email – Sep 2021

How can you protect yourself?

  • Do not respond to requests to perform funds transfer or telegraphic bank transfer for car loan full settlement. Be alert and always verify the details from Maybank.
  • Do not share your banking credentials such as username, password, One-Time Password (OTP) or bank account details with others.
  • Use the official Maybank website by typing the Maybank website URL (maybank2u.com.sg) to find out information about Car Loan.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to verify the contents of the letter or if you suspect that you have been a victim of scams.

Beware of Job Scams

12 October 2021

We received reports of ongoing job scams involving the downloading of applications (e.g. Uspeed Technology (‘UT’) app) and promising quick cash by liking or watching videos on different social media platforms.

Victims are usually recommended by their friends to download the mobile application (e.g. UT app) and perform tasks to “generate” income. Pictures of funds successfully credited to the accounts are usually shown to the victims convincing them to believe that the rewards are legitimate. After downloading the mobile application, victims are required to pay membership fees by depositing money to the mobile application before performing the daily tasks to receive the payouts.

Victims only realise that they had fallen prey to the scams when they can no longer open the mobile application, withdraw the remaining funds deposited to the application and the ‘administrator’ stopped responding to the messages.

 

How can you protect yourself?

  • Be cautious when you are asked to make upfront payments before you start a job with the promise of attractive commission or rewards.
  • Do not accept dubious job opportunities that offer lucrative returns for minimal effort.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

New Security Notifications

As part of the financial industry-wide initiative for a safer online banking experience, we are introducing our new device login notification.

You will receive a notification if we detect a new device/browser login to your Maybank2u Online/Mobile banking or when you log in from a new location.

To find out more, please refer to our FAQ.

How can you protect yourself?

  • Beware of links provided in unsolicited emails. Do not reply or click on URLs in unsolicited and suspicious emails.
  • Do not share your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others.
  • Change your passwords periodically.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

Beware of Fake Job Offers

07 September 2021

The Singapore Police Force has noted a recent significant rise in the number of job scam cases.

In these transnational job scams targeting job seekers, the syndicate would post advertisements for fictitious jobs promising quick cash on different social media platforms. Victims are given instructions to make payments by transferring funds to designated bank accounts, claiming that it was to boost the sales of various merchants on popular e-commerce sites. In return, they were promised commissions based on the amount transferred, on top of the full reimbursements. Victims often receive the promised reimbursements and commissions initially, leading them to believe that it was a legitimate job and enticing them to deposit even larger sums of money. Victims only realise that they had fallen prey to scams when they did not receive the subsequent reimbursements and commissions.

How can you protect yourself?

  • Be cautious of social media platforms asking for upfront payments before you start work on the promise of a refund with a commission.
  • Do not accept dubious job opportunities that offer lucrative returns for minimal effort.
  • Always verify the authenticity of the job with the official websites or sources.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

 

Source: Channel NewsAsia 30 Aug 2021 12:01 PM

Beware of Phishing Email on Maybank Loyalty Programme

23 August 2021

We received reports of ongoing survey scams involving emails which are sent from MayBank-REWARDS (may.sglsenydnq@laylax.com). The scam email tricks the victim to participate in a short survey in order to enjoy cash rewards and complimentary miles. Upon clicking “Participate Now”, the phishing website will request the victim to provide confidential card information (e.g. Card Number, One-time Password, CVV number).   

Please note that Maybank did not conduct such surveys. The email address, email contents and URL links mentioned in the scam email below are not from Maybank Singapore Limited.

Sample of the scam email – August 2021

How can you protect yourself?

  • Be alert and always verify the authenticity of such surveys by calling 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).
  • Do not reply or click on URLs in unsolicited and suspicious emails.
  • Do not share your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others. Maybank will also not require you to key in confidential bank account or card details for such surveys.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect you have been a victim of fraud.

New Type of Phishing Scams Targets Bank Customers with Spoof SMSes

16 July 2021

Banking-related phishing scams have re-emerged in the form of spoof SMSes that trick victims into thinking they were sent by their bank. A total of S$1.07 million was lost in 374 cases of such scams between January and May this year.

Victims of the scam received an SMS allegedly sent by their bank, informing them of the payment attempts detected from their bank account. As the scammers have spoofed the bank’s SMS accounts, the scammers’ message may be appended to the same SMS message thread from the bank.

Upon clicking on the link in the SMS, the victims were led to a phishing site resembling the bank’s official website. They were then asked for their personal information such as Internet Banking details and One-time-passwords (OTP). After providing the details, the victims realised that they have been scammed when they received SMS notifications about money being transferred from their accounts. 

How can you protect yourself?

  • Be alert and always verify the authenticity of the information with the official website or sources.
  • Always check that the message reflects your intended actions and do not proceed or authorise any suspicious transactions.
  • Never reply to unsolicited SMS. Responding to such SMSes may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Do note that Bank staff or government officials will never request for your banking credentials such as username, password and One-Time Password (OTP) over the phone.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect you have been a victim of fraud.

 

Source : Channel NewsAsia 10 July 2021 1:37PM

Increase in Ransomware Scam cases

9 July 2021

There has been a recent increase in ransomware cases involving small and medium-sized enterprises (SMEs).

Ransomware is a type of malware that criminals use to encrypt files on the victim’s computer or shared network drive, preventing the victim from accessing these files. The criminal will then demand a ransom in exchange for a decryption key to access these files again.

How can you protect yourself?

  • Ensure your important files and data are regularly backed up.
  • Beware of links provided in unsolicited emails.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

Car Loan Scam

15 June 2021

We received reports of ongoing car loan scams involving emails which are sent from MAYBANK SINGAPORE LIMITED (fcs_services@maybank.com.sg). The email includes a letter with Maybank letterhead requesting the victim to perform full settlement under Fast Consumer Service “FCS” in order to enjoy early settlement rebates.

Please note that the email address, email contents and names of individuals mentioned in the letter are not from Maybank Singapore Limited. For car loan settlement, please refer to the payment modes under FAQ 6 . Funds transfer is not one of the listed payment options for car loan full settlement.

Sample of the scam email – June 2021

How can you protect yourself?

  • Do not share your banking credentials such as username, password, One-Time Password (OTP) or bank account details with others.
  • Use the official Maybank website by typing the Maybank website URL (www.maybank2u.com.sg) to find out information about Car Loan.
  • Be alert and always verify the details from Maybank. Do not respond to requests to perform funds transfer for car loan full settlement.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to verify the contents of the letter.

Covid-19 Vaccination Scam

04 June 2021

The Singapore Police Force is cautioning members of the public to be vigilant when they receive SMS messages on the vaccination exercise to avoid falling prey to scams.

Scammers will request for payment of the vaccines or to obtain early access to the vaccines. Vaccines are free for Singaporeans, Permanent Residents and long-term residents. The Ministry of Health (MOH) will not ask for payment to schedule or to receive the vaccinations.

How can you protect yourself?

  • Check the messages for grammatical errors.
  • Ensure that the unique link ends with gov.sg before clicking on it.
  • When in doubt, verify the authenticity of messages by calling MOH’s hotline at 1800- 333 9999.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

Covid-19 Related Scam: Donations for oxygen machines to India

04 June 2021

The Singapore Police Force alerted the public to a new type of scam where scammers use compromised WhatsApp accounts to solicit donations for the purchase of oxygen concentrator machines to be sent to India.

The scammer would communicate with the victims using compromised WhatsApp accounts belonging to the victim’s friends. They would claim to be raising funds to purchase oxygen concentrator machines for donation to India and request for the victims to assist with the purchase or to donate to patients in India.

How can you protect yourself?

  • Beware of unusual requests received over WhatsApp, even if they were sent by your WhatsApp contacts.
  • Verify whether the request is legitimate by checking with your family and friends offline.
  • Never send money to people whom you do not know or have not met in person
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

Impersonation Scams

04 June 2021

The Singapore Police Force would like to caution the public to be vigilant of scammers impersonating staff from local telecommunication service providers or officers from government agencies who are offering technical support.

Since 15 April 2020, only overseas calls will show a ‘+’ prefix before the number showing on your caller ID. Calls received from local numbers will no longer carry a ‘+’ prefix. 

Example 1: +6955 0221
This is likely to be a spoofed call. For local numbers, there will not be a ‘+’ prefix. 

Example 2: +4241 2345
This is an overseas caller; be vigilant if you are not expecting an overseas call.

The scammers might instruct victims to install applications, type commands into their computers or log onto their online banking account.

Government agencies or service providers will not request for your personal details or access to your online banking account over the phone or through automated voice machines.

How can you protect yourself?

  • Beware of unsolicited calls from persons claiming to be service provider staffs or government officials
  • Be more vigilant and exercise greater care when answering calls showing a ‘+’ prefix, especially if you are not expecting any overseas calls.
  • Verify the authenticity of the call with the organization
  • Do not share your personal or internet banking details and OTP with anyone.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

Vulnerability of Data Synchronisation of Mobile Devices

03 May 2021

Some smart phones have features that support the synchronisation of data such as SMSes and emails between the mobile device and online storage or cloud services in near real time.

For smart phone users who have enabled data synchronisation on their devices, sensitive information such as One-time Passwords (OTP) sent via SMS or emails by financial institutions, can be accessed by criminals if their login credentials to the online storage or cloud services have been compromised. Exposed OTPs together with online banking credentials or credit card information harvested from customers can potentially be used by criminals to perform fraudulent financial transactions.

Customers are advised to be vigilant to these cyber risks and keep their mobile devices and related online accounts secured.

How can you protect yourself?

  • Do not share your banking credentials such as username, password, OTP or bank account details with others.
  • Change your passwords periodically.
  • Use unique passwords that do not include any personal information such as your name or date of birth.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

Impersonation Scams

23 April 2021

We received reports of ongoing SMS scams sending from 79899 impersonating Maybank that we have temporarily suspended customers’ card and to call 31386333 for verification of customers’ details and to reactivate their cards.

These SMS are not sent by Maybank.

Sample of the SMS – April 2021

How to protect yourself from scams

  • Be alert and always verify the details in the messages from Maybank. Always check that the message reflects your intended actions and do not proceed or authorise suspicious transactions.
  • Contact us at 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to verify the contents of the SMS.
  • Never reply to unsolicited SMS or emails. Responding to such SMSes or emails may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.

 

WhatsApp Takeover Scam

17 February 2021

The Singapore Police Force has noted an increase in the number of reports received for WhatsApp Account Takeover Scams involving the 2 variants below:

Variant 1 – Direct Contact with Victim
The scammer would impersonate support staff from WhatsApp and request a 6-digit verification code for account recovery to gain access to the account.

Variant 2 – Indirect Contact using Victim’s Voicemail
The scammer would repeatedly fail the 6-digit verification code on the victim’s phone number. If the victim did not answer the resulting voicemail, the scammer would then use the default PIN used by telco providers to retrieve the 6-digit verification code from the victim’s voicemail and take over the victim’s WhatsApp account.

Note: Upon accessing the victim’s account, the scammer could then enable two-step verification to prevent the victim from regaining control over the WhatsApp account.

 

What can you do to protect yourself?

  • Never share your WhatsApp verification code with anyone regardless of who they claim to be.
  • Be aware of any unusual requests received on WhatsApp, even if they were sent from your WhatsApp contacts.
  • Enable the two-step verification feature on WhatsApp. This can be done by opening WhatsApp and go to ‘Settings’ → ‘Account’ → ‘Two-step verification’ → ‘Enable’.
  • Change your voicemail account’s default PIN. Alternatively, contact your telco to deactivate the feature if you have no need for it.
  • If you suspect that you have been a victim of scams, please call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).

Scam Advisory

20 January 2021

The Singapore Police Force (SPF) has issued a recent scam advisory on the following:

Phishing Scams – Fake Pizza Hut Advertisements
There are advertisements on social media offering cheap pizza deals with links to external sites where potential victims will be tricked into providing their banking details and One Time Password (OTP) to make payment. Victims only realised that it is a scam when they discovered unauthorised transactions in their bank accounts.

 

Social Media Impersonation Scams – Fake Qoo10 Websites
There are cases where scammers would use compromised or spoofed social media accounts to impersonate the victims' friends or relatives. Fake Qoo10 campaign messages are sent to victims to inform them that they have won lucky draw prizes. Victims would then be led to the fake Qoo10 website where they would be asked to key in their banking details and One Time Password (OTP) as an “administrative procedure” to claim their prize.

 

What can you do to protect yourself?

  • Do not click on unsolicited advertisements or text messages.
  • Verify the authenticity of the information with the official website/sources.
  • Do not share your personal or Internet Banking details and One Time Password(OTP).
  • If you suspect that you have been a victim of scams, please call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).

 

Launch of ScamShield Mobile Application
On 20 November 2020, National Crime Prevention Council (NCPC) has launched the ScamShield mobile application for iOS users to prevent scam calls and messages from reaching handphone users.

To find out more about the ScamShield App, please visit ncpc.org.sg/scamshield.