Security and Privacy

Security and Privacy

New Scam Alerts

Advisory on Impersonation Scams arising from Compromised WhatsApp Accounts

12 May 2026

Beware of scammers attempting to take over WhatsApp accounts by entering victims' mobile numbers and triggering a WhatsApp verification one-time password (OTP) request sent to the victims. Scammers may then impersonate a known contact and claim the OTP was sent by mistake to trick victims into disclosing it.

Once the WhatsApp account is compromised, scammers impersonate the victim to contact their family or friends, citing urgent pretexts such as emergency loans and pressuring them to transfer money via digital payment methods including PayNow QR codes to digital payment service providers such as Razer Merchant Services and Grab.

Victims typically realise they have been scammed only after verifying the requests directly with the actual WhatsApp accounts' users.

 

How can you protect yourself from falling prey to scam?

  • Be cautious of unusual or urgent money requests received over WhatsApp and never share your WhatsApp OTP with anyone.
  • Secure your account by removing unknown linked devices linked to your WhatsApp account via "Settings > Linked Devices".
  • Enable the 'Two-Step Verification' feature on your WhatsApp account via "Settings > Account > Two-step verification > Enable".
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Government Official Impersonation Scams

16 March 2026

Beware of scammers impersonating government officials and instructing victims to hand over valuables such as gold bars, jewellery or luxury watches.

Victims may receive unsolicited calls from scammers posing as representatives from insurance, financial institutions or retailers, alleging outstanding insurance premiums or unauthorised card transactions. When victims deny these claims, they may be transferred to another scammer impersonating officials from agencies such as the Monetary Authority of Singapore (MAS) or the Ministry of Law (MinLaw).

Victims are then accused of involvement in criminal activities (e.g. money laundering) and may be provided with fake documents such as a "warrant of arrest" or a "financial inspection order". They may be instructed to hand over valuables to unknown individuals for purported "investigation purposes" including items newly purchased under the scammers' instructions or valuables owned by the victims.

Victims usually realise they have been scammed only when the scammers become uncontactable or after verifying the matter with the relevant authorities.

 

How can you protect yourself from scams?

  • Never transfer or hand over money, valuables, cryptocurrency or luxury items to unknown persons.
  • Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Phishing Emails Impersonating Compliance Notifications on Expired W-8BEN Forms

16 March 2026

Since January 2026, phishing emails with the subject "Compliance Notification – Expired W 8BEN Requires Immediate Action" have targeted customers across multiple financial institutions.

Victims who click embedded links are directed to fake login pages and prompted to enter their credentials and 2FA OTPs, allowing scammers to gain unauthorised access to accounts. The stolen information is then used to perform unauthorised transactions including the buying and selling of securities.

Phishing campaigns continue to evolve using lures such as account verification requests, security alerts, regulatory notices, promotional offers or fake transaction confirmations. These scams may be delivered via email, SMS or voice calls, often using realistic branding and social engineering tactics to deceive recipients.

Sample of Phishing Email Notification

How can you protect yourself from scams?

  • Do not click on embedded links in emails or SMS messages claiming urgent action is required.
  • Verify the authenticity of any compliance or security notifications by contacting your bank through official channels.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Beware of Phishing Email Impersonating Maybank Singapore CEO

27 January 2026

Beware of a phishing email currently circulating that falsely claims to be from the Maybank Singapore CEO. Do not respond to such emails, as they are not legitimate.

Sample of Phishing Email Notification

How can you protect yourself from scams?

  • Be wary of fake emails sent using fictitious email address and contents with grammatical errors.
  • Do not click on the URL links sent via unsolicited emails and SMSes. Maybank does not send emails and SMSes with clickable URL links.
  • Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

E-commerce Phishing Scams involving Unbelievably Attractive Deals on Social Media Platforms

23 December 2025

Beware of advertisements on social media promoting incredible discounts on daily essentials and food items such as a huge discount on a herbal chicken order. Victims, enticed by these offers, proceed to checkout and are prompted to enter their SMS One-Time Password (OTP). They then receive a notification that their card has been successfully added to a mobile wallet.

Scammers trick victims into providing their card details and OTPs, giving them access to the victims' accounts. The stolen card details are then added to the scammers' devices, enabling unauthorised transactions that often go unnoticed by victims until they review their statement(s).

 

How can you protect yourself from scams?

  • Be alert of promotions that appear too good to be true and report any suspicious websites or social media accounts immediately.
  • Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions upon receiving an SMS or notification indicating that your Card has been successfully added to Apple Pay or Samsung Pay, if this was not your request.
  • Lodge a police report.

Advisory on Investment Scams involving Shell Investment Applications that Promote Fraudulent Investment Products

16 December 2025

Beware of scammers promoting fake investment products through shell investment applications. Victims are often enticed by attractive social media advertisements that falsely promise guaranteed high returns on investments.

Victims were first contacted via WhatsApp and subsequently invited to join group chats filled with scammers posing as successful investors. In these chat groups, victims were persuaded to download seemingly genuine trading applications from mobile app stores, not realising these were in fact fake platforms displaying fabricated trades and profits.

Victims were then instructed to transfer money to specified bank accounts or via a QR code to YouTrip to start the "investment". In some cases, victims were asked to meet unknown individuals in person to hand over cash or gold to "invest" in these fraudulent investment products. Victims were issued fake documents as proof of their investment deposits and only realised that they had been scammed when they were unable to withdraw their money.

 

How to protect yourself from investment scams?

  • Activate your device’s privacy function to prevent unknown persons from adding you to their group chats.
  • Always check for user reviews and ratings of application before downloading them, even if they are believed to be legitimate and are available on official application stores.
  • Verify the authenticity of the investment company by confirming the company’s credentials and representatives’ credentials using available resources including the Financial Institutions Directory, Register of Representatives, and Investor Alert List on the MAS’ website.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory on Phishing Scams Exploiting Legitimate Email Domains

03 December 2025

Beware of scammers who exploit automated email features of legitimate platforms (such as Google AppSheet, Pipefy and Salekit) to mass-send phishing emails impersonating banks and other trusted entities. Victims would receive fake email alerts, alerting them of unauthorised account access or transactions and were instructed to call a fraudulent support line, often a VoIP number beginning with 315.

Once victims called the fraudulent support line, scammers would pose as legitimate bank or company representatives, tricking them into providing login credentials or authorising fraudulent transactions, resulting in monetary losses.

 

How can you protect yourself from scams?

  • Be wary of fake emails sent using fictitious email address and contents with grammatical errors.
  • Do not click on the URL links sent via unsolicited emails and SMSes. Maybank does not send emails and SMSes with clickable URL links.
  • Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Install ScamShield from your official app store to enhance your protection. Use ScamShield, an app that helps you block scam calls and SMSes and use it to report scam calls, SMSes and messages from chat apps like WhatsApp, WeChat and Viber.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory on Scams Involving the Impersonation of Food Delivery Platforms

26 November 2025

Beware of scammers impersonating food delivery platforms who claim there are upgrades or connection issues with their point-of-sale terminals. Victims are then asked to provide personal information such as email addresses, mobile numbers, platforms’ passwords and/or OTPs, purportedly to verify their identities.

The scammers would access the victims’ platform accounts or email accounts in order to maliciously update bank accounts details, add spoofed email accounts and change account notification settings. This allows scammers to divert victims' earnings to their own banks or payment service provider accounts.

 

How can you protect yourself from scams?

  • Always verify the authenticity of the information with the official websites or sources.
  • Never reply to unsolicited calls. Responding to such calls may be used by scammers for social engineering or to trick the victims into divulging confidential account and internet banking information.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Install ScamShield from your official app store to enhance your protection. Use ScamShield, an app that helps you block scam calls and SMSes and use it to report scam calls, SMSes and messages from chat apps like WhatsApp, WeChat and Viber.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory on Phishing Scams Targeting Cryptocurrency Platforms

19 November 2025

Beware of scammers impersonating cryptocurrency platforms sending fraudulent SMSes and emails to deceive victims into relinquishing control of their accounts.

Victims would receive either SMSes, iMessages or emails informing them of suspicious new logins to their cryptocurrency account. Victims would then be asked to review the logins by clicking on phishing link in the message, which would redirect victims to a fake login page. Upon entering their login details, the victims would be asked to regenerate a deposit wallet key and cancel a withdrawal request. This allows scammers to gain access to victim’s account to conduct funds transfers.

 

How can you protect yourself from scams?

  • Do not click on suspicious URL links sent via unsolicited emails, SMSes, or pop-up ads.
  • Always verify the authenticity of the message directly with the official websites or sources.
  • Install ScamShield from your official app store to enhance your protection. Use ScamShield, an app that helps you block scam calls and SMSes and use it to report scam calls, SMSes and messages from chat apps like WhatsApp, WeChat and Viber.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory on Job Scam - Be on your guard against the lure of easy money

4 September 2025

Beware of re-emerging job scams where victims would be added in various messaging group chats offering job opportunities which involves simple tasks such as liking videos and products or making funds transfers in order to receive commission. Victims who expressed interest in the jobs were instructed to sign up for accounts via the website links provided by the scammers.

The scammers would provide the victims with bank accounts belonging to unknown individuals for payments to be made on the pretext of reviewing the items in order to earn the commissions. Victims would initially be convinced that their work was legitimate as they were able to receive the commissions. They only realised that they have been scammed when they stopped receiving the commissions.

 

How to protect yourself from being a victim of scam?

  • Do not accept dubious job offers that offer lucrative returns with minimal effort.
  • Never download applications from unverified sources.
  • Never use your bank account(s) to receive or transfer money as part of the job
  • Never disclose your Singpass credentials, banking or card credentials including OTP or card CVV number with others.
  • Lodge a police report as soon as you suspect that you have fallen victim to a scam.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 or Option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

Maybank Phishing E-mail

6 May 2025

Beware of phishing e-mails purportedly sent by Maybank to request customers to do a Credit Card update via M2U.These customers were then informed their M2U access have been temporarily suspended after maximum number of failed login attempts. After which, they were provided a link to complete the verification process.

DO NOT respond to such emails as these are NOT valid emails sent by Maybank.

Sample of Phishing email notification:

How can you protect yourself from scams?

  • Be wary of fake emails sent using fictitious email address and contents with grammatical errors.
  • Do not click on the URL links sent via unsolicited emails and SMSes. Maybank does not send emails and SMSes with clickable URL links.
  • Always verify the authenticity of the message directly with the official websites or sources.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Please change your password immediately and lodge a police report as soon as you suspect that you have fallen victim to a scam.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

Advisory on a Fraudulent SMS Regarding Expiring Points

21 March 2025

Beware of scammers impersonating Maybank and sending fraudulent SMSes claiming that your rewards points are expiring. The SMS contains a link urging you to click it to redeem your points before they expire. Do not click on the link as this is not a valid SMS sent by Maybank.

For any concerns about your rewards points or bank account, always visit Maybank’s official website or call our hotline to verify the authenticity of the message.

Sample of fraudulent SMS messages

How can you protect yourself against impersonation scam?

  • Do not click on the URL links sent via unsolicited SMSes. Maybank does not send SMSes with clickable URL links.
  • The Bank will never ask for your personal information or digital banking credentials
  • Never disclose your SingPass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Never respond to unsolicited SMS. Scammers may use your reply to try to trick you into divulging confidential account and internet banking information. Adopt the following precautionary measures :
    • Add – Install security features such as the ScamShield App on your devices
    • Check – Keep an eye out for scam signs and verify information with official sources.
    • Tell – Inform the relevant authorities, friends and family of any scam incidents immediately.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Maybank Impersonation Scams

24 February 2025

We continue to receive reports of callers claiming to be from Maybank and advising potential victims of unauthorised transactions on their credit cards or that their personal details were misused to apply for credit cards. These calls aim to trick victims into transferring money to a ‘safety account’ or share confidential account or internet banking information to assist in the investigation. Maybank staff will never ask you to disclose your internet banking login details, card information or OTPs.   

Should you receive such calls, hang up the call immediately and proceed to report the scam via the 24/7 ScamShield Helpline at 1799 or ScamShield app.


How can you protect yourself from scams?

  • Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Never reply to unsolicited calls. Responding to such calls may be used by scammers for social engineering or to trick the victims into divulging confidential account and internet banking information.
  • Use ScamShield, an app that helps you block scam calls and SMSes and use it to report scam calls, SMSes and messages from chat apps like WhatsApp, WeChat, and Viber. ScamShield filters incoming scam calls and messages based on a list maintained by the Singaporean Police Force. Install ScamShield from your official app store to enhance your protection.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory on Investment Scam Impersonating Banks or Bank Staff

28 December 2024

Beware of scammers who impersonate “Investment Expert” or “Advisor” from Maybank Singapore.

Sample of fake messages

  • It has come to our attention that there is a fraudulent investment circulating through a WhatsApp group created to solicit participation in investment programmes in the name of Maybank Singapore and mentions of Maybank Singapore Country CEO Mr Alvin Lee, amongst other Maybank Group staff.
  • Victims were approached via phone call and/or WhatsApp, inviting them to join a WhatsApp group via QR code or WhatsApp link.
  • Materials such as investment analysis are being shared in the group to strengthen the scammers’ credibility

Please be informed that this fraudulent Whatsapp group is not created by Maybank, and we have no affiliation to the individuals involved in creating this group.


How can you protect yourself against impersonation scam?

  • Verify the legitimacy of these financial experts with the Bank
  • Do not click on any suspicious link or scan an unknown QR code
  • The Bank will never ask for your personal information or digital banking credentials
  • Adopt the following precautionary measures :
    • Add – Install security features on your devices such as the ScamShield App.
    • Check – Keep an eye out for scam signs and verify information with official sources.
    • Tell – Inform the relevant authorities, friends and family of any scam incidents immediately.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Watch out for calls claiming unauthorised transactions on your cards

18 December 2024

We received reports of callers claiming to be our bank staff, who have been advising the public on the unauthorised transactions on their credit cards. The callers may also request to transfer the calls to The Monetary Authority of Singapore's reporting line. The purpose of these calls is to obtain account-related credentials that would enable the scammers to access your accounts and perform unauthorised transfers.

How can you protect yourself from scams?

  • Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Never reply to unsolicited calls. Responding to such calls may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Never transfer money to strangers.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory on Investment Scam Impersonating Banks or Bank Staff

21 November 2024

Beware of scammers who impersonate “Investment Expert” or “Advisor” from Maybank Singapore or Malaysia.

  • It has come to our attention that there is a fraudulent investment circulating through a WhatsApp group created to solicit participation in investment programmes in the name of Maybank Singapore and mentions of Maybank Singapore Country CEO Mr Alvin Lee, amongst other Maybank Group staff.
  • Victims were approached via phone call and/or WhatsApp, inviting them to join a WhatsApp group via QR code or WhatsApp link.
  • Materials such as investment analysis are being shared in the group to strengthen the scammers’ credibility

Please be informed that this fraudulent Whatsapp group is not created by Maybank, and we have no affiliation to the individuals involved in creating this group.

How can you protect yourself against impersonation scam?

  • Verify the legitimacy of these financial experts with the Bank
  • Do not click on any suspicious link or scan an unknown QR code
  • The Bank will never ask for your personal information or digital banking credentials
  • Adopt the following precautionary measures :
    • Add – Install security features on your devices such as the ScamShield App.
    • Check – Keep an eye out for scam signs and verify information with official sources.
    • Tell – Inform the relevant authorities, friends and family of any scam incidents immediately.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory on SMS Stealer Targeting Android Device Users

8 August 2024

The Cyber Security Agency of Singapore (CSA) alerted to a mobile malware that can scan SMSes to retrieve one-time passwords (OTP). The SMS stealer is distributed via malicious advertisements or Telegram bots that can automatically communicate with victims.

In the first method, victims are tricked to click a link that leads them to a webpage impersonating the Google Play website. In the second method, Telegram bots promise an app that users would normally have to pay for in exchange for their phone numbers.

The malicious app, disguised as an Android application package (APK) is then generated for tracking and potential future cyber attacks targeting the victim.

Android users are advised to adopt the following measures to protect their devices against malware:

  • Install only apps from the official Google Play Store. Check the developer information on the app listing, and download only apps developed and listed by the official developer.
  • Avoid disabling the Play Protect function that runs safety checks on apps from the Google Play Store before downloading them.
  • Read the security permissions requested by the app and its privacy policy before downloading. Be wary of apps that ask for unnecessary permissions like accessing the SMS function or contact list on a device.
  • Immediately uninstall any unknown apps that suddenly appear on devices.
  • Perform anti-virus scans and keep regular backups of important data.
  • Ensure that devices’ operating systems and apps are updated regularly so that they are protected by the latest security patches.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

 

Source:

https://www.straitstimes.com/tech/android-devices-targeted-in-global-campaign-that-steals-smses-to-get-otps

Re-emergence of bulk order scams

18 July 2024

Beware of the re-emergence of bulk order scams targeting businesses in the renovation, food and beverage, retail and service industries.

In this scam, the scammers would pose as customers and call or text the businesses via WhatsApp under the pretext of making bulk orders or reservations or an item from a brand that the businesses do not stock.

The scammer would then recommend a fake supplier for the victims to buy the items from.

In order to convince the victim, Scammers would provide screenshots of fake payment documentation to prove that they had partially paid for bulk orders in advance. The victim would then be assured and proceed to make upfront payment for orders placed with the fake supplier.

Victims realised that they had been scammed only when they did not receive any payment from the “customer”, or when the “supplier” did not deliver the goods, or when both “customer” and “supplier” become uncontactable.

How can you protect yourself from falling prey to scam?

  • Businesses should independently verify the identity of parties that they correspond with.
  • Avoid making advance payments or deposits to new suppliers.
  • Arrange to meet the supplier and only pay for goods that have been delivered.
  • Check for reviews of the supplier before committing to a purchase.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of Phishing Scams Involving Fake Buyers on Carousell

10 May 2024

Scammers would pose as buyers on Carousell and request victims to key in their banking details on spoofed websites to facilitate payment or delivery, via a phishing link sent by the scammer. Upon clicking on the phishing URL link, victims would be directed to fraudulent websites and tricked into providing their banking credentials and One-Time Passwords (OTP) to complete the transaction. Victims would only realise that they have been scammed when they discovered unauthorised transactions made to their bank accounts.

How to protect yourself from being a victim of scams?

  • Always verify the buyer's profile on online marketplaces by checking the account's verification status, creation date, review and ratings.
  • If in doubt, always verify the authenticity of the information with the e-commerce platform directly.
  • Do not click on dubious URL links.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others.
  • Please change your password immediately and lodge a police report as soon as you suspect that you have fallen victim to a scam.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

Advisory on Protecting Yourself From Malicious QR Codes

2 May 2024

Beware of the dangers and potential threats of malicious Quick Response (QR) codes as they could trick unsuspecting individuals into scanning these codes and consequently exposing themselves to various threats. Some of the common types of attacks involving QR codes are as follows:

  • Phishing- Malicious QR codes are used to redirect unsuspecting individuals to phishing websites masquerading as legitimate ones to steal sensitive information such as login credentials, credit card numbers or other personal data.
  • QR Code Swaps- Legitimate QR codes displayed as businesses are altered or tampered with in order to trick individuals into redirecting payments to a scammer’s account.
  • Malware Infection- Scammers may use QR codes to trick you into downloading malware from an app store or website.  They seek permission to download other apps, read your SMSes or look through your phone.  Saying ‘yes’ to a permission request will give scammers the opportunity to control your device, spy on your chats, steal your sensitive information and steal your money through funds transfers or credit card charges. 

 

How can you protect yourself from Malicious QR Codes?

  • Avoid scanning QR codes received via unsolicited text, WhatsApp messages, E-mails or social media messaging platforms.
  • Look out for signs that the QR codes at public places have been tampered with. Only download files or applications from official and verified sources.
  • Verify the recipients of the digital payments through QR codes before confirming payment.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory on SMS Phishing Scams Impersonating Banks or Bank Staff

17 January 2024

Beware of a persistent trend of a phishing scam variant where scammers would impersonate different banks through unsolicited SMSes bearing short codes, overseas numbers or local numbers in order to phish for victims' online banking usernames, passwords and One-Time Passwords (OTP). These SMSes would warn the victims of possible unauthorised attempts to access their bank accounts, urging them to click on the embedded URL links to verify their identities and stop the transactions.

After clicking on the links, the victims would be directed to fake bank websites where they would be misled into providing their internet banking credentials and OTP, which the scammers would use to make unauthorised withdrawals.

How can you protect yourself from scams?

  • Banks will never send clickable links via SMSes or email. Always go directly to the banks' websites or call the banks' hotlines to verify the authenticity of any banking-related requests.
  • Bank staff will never ask you for your credit or debit card details, CVV or OTPs to unlock your account. Never disclose such confidential details to anyone.
  • Install ScamShield App to protect yourself against scam calls and SMSes.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.