Security and Privacy

New Scam Alerts

Do you know the latest scam signs and how to spot them?

Take The Scam Buster Bank Quiz from National Crime Prevention Council to find out.

Take the quiz now

Disclaimer: By clicking the “Take the Quiz Now” button, please note that you will be brought to National Crime Prevention Council’s website, a third party website. The contents and the use of the website is subject to their terms, including those related to confidentiality, privacy and security.

Advisory on SMS Phishing Scams Impersonating Banks or Bank Staff

17 January 2024

Beware of a persistent trend of a phishing scam variant where scammers would impersonate different banks through unsolicited SMSes bearing short codes, overseas numbers or local numbers in order to phish for victims' online banking usernames, passwords and One-Time Passwords (OTP). These SMSes would warn the victims of possible unauthorised attempts to access their bank accounts, urging them to click on the embedded URL links to verify their identities and stop the transactions.

After clicking on the links, the victims would be directed to fake bank websites where they would be misled into providing their internet banking credentials and OTP, which the scammers would use to make unauthorised withdrawals.

How can you protect yourself from scams?

  • Banks will never send clickable links via SMSes or email. Always go directly to the banks' websites or call the banks' hotlines to verify the authenticity of any banking-related requests.
  • Bank staff will never ask you for your credit or debit card details, CVV or OTPs to unlock your account. Never disclose such confidential details to anyone.
  • Install ScamShield App to protect yourself against scam calls and SMSes.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Maybank Phishing E-mail

14 October 2023

Beware of phishing e-mails purportedly sent by Maybank, informing victims that their space is temporarily suspended. The e-mail consists of a URL link, as well as instructions to rectify the matter. DO NOT respond to such emails as these are NOT valid emails sent by Maybank.

Sample of Phishing E-mail Notification

 
 

How to protect yourself from scams

  • Be wary of fake e-mails sent using fictitious e-mail address and contents with grammatical errors.
  • Do not click on the URL links sent via unsolicited e-mails and SMSes. Maybank does not send e-mails and SMSes with clickable URL links.
  • Always verify the authenticity of the message directly with the official websites or sources.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Please change your password immediately and lodge a police report as soon as you suspect that you have fallen victim to a scam.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

Advisory on Mid-Autumn Festival Malware Scam

6 September 2023

Beware of new scams involving mooncake sales on social media platforms. Upon contacting the “sellers” through social messaging platforms to place orders for mooncakes advertised on Facebook and Instagram, the victims were directed through WhatsApp to make payment. The sellers would provide links that can lead to the download of malicious Android Package Kit (APK) files. In some cases, victims were instructed to make PayNow or bank transfers to buy the mooncakes.

The scammers would then inform victims that their orders had to be cancelled due to production or manpower issues, and direct them to the malicious links for “refunds”. After the APK file was downloaded and installed, the scammers would gain remote access to the victims’ devices, letting them steal passwords and retrieve banking credentials. The victims later discovered unauthorised transactions from their banking accounts.

How can you protect yourself against malware?

  • Never download apps outside the official app stores.
  • If you suspect that your device has been infected with malware, immediately turn on “flight mode”. Check to ensure WIFI and mobile data connection are disabled.
  • Review the security permissions required by the application and/or its privacy policy before installation.
  • Ensure that your mobile devices are installed with updated anti-virus and anti-malware applications that can detect and remove malware.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.


Source: https://www.straitstimes.com/singapore/online-mooncake-scam-27-people-lose-325000-in-a-month

Maybank Phishing E-mail

22 August 2023

Beware of phishing emails purportedly sent by Maybank, informing victims that an update is required or that their account has been suspended. The e-mail consists of a URL link, as well as instructions to rectify the matter. DO NOT respond to such emails as these are NOT valid emails sent by Maybank.

Samples of Phishing Email Notifications

 

 

How can you protect yourself from scams?

  • Be wary of fake emails sent using fictitious email address and contents with grammatical errors.
  • Do not click on the URL links sent via unsolicited emails and SMSes. Maybank does not send emails and SMSes with clickable URL links.
  • Always verify the authenticity of the message directly with the official websites or sources.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Please change your password immediately and lodge a police report as soon as you suspect that you have fallen victim to a scam.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

Advisory on Fake Fixed Deposit Scam

4 August 2023

Beware of phishing SMSes targeting victims with fake Maybank fixed deposit promotion offering high interest rates. Upon contacting the scammer, the victims will be tricked to transfer money into the scammer’s bank account(s) or to provide sensitive banking and personal information. Once the scammers obtain this information, they will be able to access the victims’ bank accounts and consequently perform unauthorised transactions without the victims’ knowledge.

Sample of Fake SMS

 

How can you protect yourself from scams?

  • Be wary of unsolicited advertisements and text messages, especially those related to deals that seem too good to be true.
  • Be wary of fake SMSes with spoofed headers and check for grammatical errors in the message.
  • Always verify the authenticity of the information with the official website or sources.
  • Never disclose your personal details such as SingPass, online banking credentials, credit card details and One-Time Password (OTP) to anyone.   
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory on Protecting Yourself From Malicious QR Codes

11 July 2023

Beware of the dangers and potential threats of malicious Quick Response (QR) codes as they could trick unsuspecting individuals into scanning these codes and exposing themselves to various threats. Some of the common types of attacks involving QR codes are as follows:

a) Phishing- Malicious QR codes are used to redirect unsuspecting individuals to phishing websites masquerading as legitimate ones to steal sensitive information such as login credentials, credit card numbers or other personal data.

b) QR Code Swaps- Legitimate QR codes displayed as businesses are altered or tampered with in order to trick individuals into redirecting payments to a scammer's account.

c) Malware Infection- Scammers may use QR codes to trick you into downloading malware from an app store or website. They seek permission to download other apps, read your SMSes or look through your phone. Saying 'yes' to a permission request will give scammers the opportunity to control your device, spy on your chats, steal your sensitive information and steal your money through funds transfers or credit card charges.

How can you protect yourself from Malicious QR Codes?

  • Avoid scanning QR codes received via unsolicited text, WhatsApp messages, E-mails or social media messaging platforms.
  • Look out for signs that the QR codes at public places have been tampered with. Only download files or applications from official and verified sources.
  • Verify the recipients of the digital payments through QR codes before confirming payment.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory on E-Commerce Scams leading to Unauthorised CPF Withdrawal

17 June 2023

Beware of scammers pretending to be "sellers" who would entice victims by posting fake offers of food items or merchandise on social media platforms. Victims would then contact the sellers via the messenger application or embedded URL links in the advertisement. The scammers would send a URL to download an Android Package Kit (APK) file, an application created for Android's operating system, to confirm the order and make payment. Victims would be directed to fake bank sites to key in their login credentials to make payment within the app.

These APK files containing phishing malware would allow the scammers to access the victims' device remotely and steal passwords, as the malware would capture the credentials entered by the victim. These include the Singpass passcode, among other things, which have been stored in the victims' device.

The scammers would then be able to access the victims' CPF account remotely using the stolen Singpass passcode and request to withdraw funds through PayNow. Once the CPF funds are deposited into the victims' bank account, the scammers would access the victims’ bank application and transfer the money out via PayNow.

The victims would only realise that they have been scammed when they fail to receive the orders and the seller becomes uncontactable, or unauthorised transactions have been found in their bank accounts or cards.

How can you protect yourself from scams?

  • If the price or deal is too good to be true, it is likely to be a scam. Purchase only from authorised sellers or reputable sources.
  • Avoid clicking on pop-up ads, suspicious links or opening files or e-mail attachments from unknown senders. Only download and install applications from the official app stores (i.e., Google Play Store for Android and Apple App Store for IOS). As an added precaution, check the developer information on the application listing and confirm it is the official developer before proceeding with the download.
  • Review the security permissions required by the application and/or its privacy policy before installation.
  • Refrain from making upfront payments to bank accounts or mobile numbers via PayNow belonging to unknown individuals. Instead, keep yourself safe by using the in-platform secure payment systems or opting for cash-on-delivery.
  • Never disclose your Singpass ID banking or card credentials such as username, password, OTP or Card CVV numbers to anyone.
  • If you suspect that your Singpass has been compromised, please contact Singpass Helpdesk at 6335 3533 (press ‘9’ for 24-hr scam support) and lodge a police report immediately.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory on Misuse of Singpass Credentials to Create Bank Accounts

23 May 2023

Beware of scammers impersonating bank staff or marketing companies acting on behalf of banks to reach out to victims to complete surveys on banking services. Victims would be promised payments for completing the surveys and approached via messaging aps such as WhatsApp. Upon completing the surveys, the scammers would request the victims to scan a Singpass QR code sent via WhatsApp, claiming it to be part of the bank’s verification process to retrieve their survey results and enable payment for the completed surveys.

By scanning this Singpass QR code and authenticating it on their Singpass app, victims are tricked into unintentionally authorising the use of Myinfo data to open bank accounts under the control of the scammers. These bank accounts are subsequently abused by scammers to commit crimes or launder the proceeds of crime. Victims would only realise that something was amiss when notified of these transactions by their bank, or when they receive notifications in their Singpass app inbox that their personal details had been retrieved.

How can you protect yourself from scams?

  • Do not scan any Singpass QR code sent to you by someone else, whether on brochures, social media apps or digital advertisements. Singpass will never send QR codes and web links though SMS and messaging apps like WhatsAapp.
  • Adopt the following precautionary measures :
    • Add – Install security features on your devices such as the ScamShield App.
    • Check – Keep an eye out for scam signs and verify information with official sources.
    • Tell – Inform the relevant authorities, friends and family of any scam incidents immediately.
  • Never disclose your Singpass ID banking or card credentials such as username, password, OTP or Card CVV numbers to anyone.
  • If you suspect that your Singpass has been compromised, please contact Singpass Helpdesk at 6335 3533 (press ‘9’ for 24-hr scam support) and lodge a police report immediately. 
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory on Phishing Scams involving Fake ScamShield App

22 May 2023

Beware of a new phishing scam variant involving the download of a fake ScamShield App. This scam involves the sale of food items or merchandise via social media platforms. Scammers would send a URL to the victims in order to make a purchase and to make payment. As a result, unauthorised transactions would be made from the victims' bank accounts or debit / credit cards.

Shortly after making these unauthorised transactions, the scammers would contact the victim and introduce themselves as bank staff who are following up on the fraudulent transactions. The scammers would then recommend that the victims download the ScamShield App using a URL link, fraudulently bearing the ScamShield logo, on the pretext of getting the victim to protect himself against scams. The victims would be unaware that they have downloaded a fake version of the ScamShield which would eventually lead to malware being installed on victims' device. The malware, depending on its functionalities are able to phish for the victim's credentials, and/or secretly collect the victim’s data and delete SMSes or bank notifications and/or take control of the victim’s phone.

How can you protect yourself from scams?

  • If the price or deal is too good to be true, it is likely to be a scam. Purchase only from authorised sellers or reputable sources.
  • Do not download any files or Scamshield app from third-party or dubious sites to your device. Only download and install applications from the official app stores (i.e., Google Play Store for Android and Apple App Store for IOS).
  • Do not click on suspicious URL links in the pop-up advertisements.
  • Never disclose your Singpass ID banking or card credentials such as username, password, OTP or Card CVV numbers to anyone.
  • To find out more on downloading the ScamShield App on your device, please refer to the official guide for iOS (https://www.scamshield.org.sg/ios-guide/) and Android (https://www.scamshield.org.sg/android-app/setup/)
  • If you suspect that you have fallen prey to malware phishing scams, please contact your bank(s) to suspend all accounts and cards, do a factory reset of your phone and make a police report immediately.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

E-Commerce Scams

4 May 2023

E-Commerce scams are on the rise. Beware of scammers pretending to be “sellers” who would entice victims by posting fake offers of food items or merchandise on social media platforms. Victims would then contact the sellers via the messenger application or embedded URL links in the advertisement. After confirming the price and order details, victims would make the payment to the seller’s bank account or mobile number via PayNow. In some cases, victims would be redirected to fraudulent phishing websites where they would key in their debit or credit card details and OTP to make payment. The victims only realised that they have been scammed when they failed to receive the orders and the seller becomes uncontactable, or unauthorised transactions have been found in their bank accounts or cards.

How can you protect yourself from scams?

  • If the price or deal is too good to be true, it is likely to be a scam. Purchase only from authorised sellers or reputable sources.
  • Be wary of purported time-sensitive deals due to limited stocks being available.
  • Refrain from making upfront payments to bank accounts or mobile numbers via PayNow belonging to unknown individuals. Instead, keep yourself safe by using the in-platform secure payment systems or opting for cash-on-delivery.
  • Verify the seller’s profile through legitimate customer reviews and ratings.
  • Do not click on suspicious URL links in the pop-up advertisements.
  • Never disclose your banking or card credentials such as username, password, OTP or Card CVV numbers to anyone.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advisory On Malware

10 April 2023

Beware of the dangers of downloading files from unknown sources that can lead to malware installation on victims’ mobile devices, which may in turn, result in confidential and sensitive date, such as banking credentials, being stolen. Please be wary if you are asked to download unknown or suspicious Android Package Kit (APK) files as this  may eventually lead to exfiltration of confidential and sensitive data stored in infected mobile devices such as banking credentials, stored credit card numbers and social media account credentials.

Attackers can use such information to gain unauthorised access to the victims’ social media accounts to perpetrate impersonation scams or perform fraudulent transactions resulting in monetary losses.  

How can you protect yourself against malware?

  • Avoid clicking on pop-up ads, suspicious links or opening files or e-mail attachments from unknown senders. Only download and install applications from the official app stores (i.e., Google Play Store for Android and Apple App Store for IOS). As an added precaution, check the developer information on the application listing and confirm it is the official developer before proceeding with the download.
  • Review the security permissions required by the application and/or its privacy policy before installation.
  • Ensure that your mobile devices are installed with updated anti-virus and anti-malware applications that can detect and remove malware.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Cleaning Service Scams on Social Media Platforms

12 January 2023

Beware of fake advertisements on home cleaning services posted by scammers on social media platforms especially during this lunar new year season. Upon clicking the link and providing the mobile number, the victim would receive a whatsapp message with the instructions to download an app in order to book the service. The victim would be led to enter the debit or credit card details and OTP to make payment. The victim would only realise that he/she has been scammed after being notified of the unauthorised transactions charged to the credit/debit cards.

Sample of the fake advertisement

 

How can you protect yourself from scams?

  • Before clicking on any social media ad, click on the company name to view their business page.  Make sure that the page was not set up just a few days ago and look at the number of followers that they have.  A legitimate company that has been operating for a few years will likely have many posts and would have made effort to grow their follower base. 
  • Check if the cleaning company has a website with different ways to contact them such as email, phone or WhatsApp. They should also have customer reviews if they are listed on Google Maps.
  • If the offer is too good to be true, it probably is, even if it is a ‘first-time special’ for new customers.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Advertisement Scams on Social Media Platforms

28 December 2022

Beware of fake advertisements circulated by scammers on social media platforms offering attractive discounts and express delivery service by food and beverage outlets. The discounts are meant to entice victims into placing orders and phish for their debit or credit card details and one-time passwords (OTP). The victims would be led to a website to place their food orders and input their contact and delivery details. After which, the victims would have to enter their debit or credit card details and OTP to make payment. The victims would only realise that they have been scammed after being notified of unauthorised transactions charged to their credit/debit cards.

How can you protect yourself from scams?

  • Verify with the official sources to confirm if the food and beverage outlet exists and if they are having any promotions.
  • Visit the outlet for a take-away or make use of legitimate food-delivery platforms.
  • Never disclose your banking or card credentials such as username, password, OTP or Card CVV numbers to anyone.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Recruitment Scams

19 December 2022

You may have received unsolicited messages via SMSes or messaging applications from ‘recruiters’ who claimed to have received your resume and would like to offer you a job position. Please exercise caution when you receive such messages. The scammers may ask you to pay an advance administration fee during the application process or ask you for your bank account or internet banking details to set up salary payments. Subsequently, the scammers will use these details to steal money from your account.

Sample of Unsolicited Recruitment Messages

 

How can you protect yourself from scams?

  • Check the official sources to confirm that the organisation offering you the job exists. If it does, contact the organisation directly through officially listed contact details to confirm that the job offer is genuine.
  • Be aware of your recent online activities. If you have not submitted any resumes to any job portal recently, then you should not be expecting any calls / SMSes from any job recruitment companies.
  • Be vigilant when you receive unsolicited calls or messages. Responding to such calls or messages may be used by scammers for social engineering to trick the victims into divulging confidential account and internet banking information.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

LTA and OneMotoring Phishing SMSes

13 December 2022

Beware of SMS phishing scams where scammers would send SMSes purportedly from LTA or OneMotoring notifying them of unpaid/overdue bills or fines. The SMS contains a URL link to make payment. Upon clicking the link, the victims would be directed to fraudulent websites where they would be requested to enter their credit or debit card details and one-time passwords (OTPs). The victims would only realise that they have been scammed after being notified of the unauthorised provisioning of Apple Pay or Samung Pay on their credit/debit cards or when there are unauthorised transactions charged to their credit/debit cards. LTA does not ask for payment via URL links in its SMS alerts on offence notices.

Sample of Fake SMS

 

How to protect yourself from scams?

  • Always verify the authenticity of the information with official website or sources.
  • Do not click on URL links provided in unsolicited messages and emails.
  • Do not disclose your personal information or OTPs to anyone.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Maybank Staff Impersonation Scam

8 December 2022

We are receiving a surge in reports of ongoing scams calls to customers impersonating Maybank staff. Customers have received calls from 8429xxxx, 8114xxxx and 8144xxxx (These are not valid Maybank hotline numbers). Customers are either informed that there is an existing bank facility under their names or that they have an outstanding personal loan due for payment, and for them to follow specific instructions by the scammers in order to rectify the issues.

 

How can you protect yourself from scams?

  • Beware of incoming calls with the ‘+65’ prefix. Do not pick up such calls if you are not expecting anyone calling from overseas.
  • Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Never reply to unsolicited calls. Responding to such calls may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Fake Maybank Receipt

8 December 2022

We received reports of fake Maybank receipts being circulated by scammers who impersonate buyers and deceive the victims that the payments have been made to the victims for the items that the scammer had purchased.

Sample of Fake Receipt

 

How can you protect yourself from scams?

  • Deal with authorised buyers from reputable sources, especially for high-value items.
  • Scammers may use a fake bank account receipt and provide a copy of a NRIC/driver’s licence to deceive the seller that they are genuine buyers. Check that you have received the funds in your bank account before releasing the item(s) to the buyer or suggest to transact in person instead.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

Beware of scammers on Telegram

2 December 2022

Telegram, an instant messaging (IM) application, recently announced that users are allowed to buy and sell recognisable usernames. This poses a risk as this may result in scammers acquiring usernames to impersonate organisations. Please be informed that Maybank Singapore does not communicate with customers via Telegram. Be vigilant of scammers impersonating Maybank Singapore on Telegram.

 

How can you protect yourself from scams?

  • Be wary when receiving messages from unknown contacts via instant messaging (IM) services impersonating Maybank Singapore. Maybank Singapore does not communicate with customers via Telegram.
  • Do not click on URL links sent by unknown contacts.
  • Always verify the authenticity of the message directly with the bank.
  • Ignore the instructions given if you receive unsolicited calls via phone or instant messaging applications. Banks will not request for personal information, banking credentials or OTPs through phone calls or messaging applications
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Please change your password immediately and lodge a police report as soon as you suspect that you have fallen victim to a scam.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

Surge of Phishing Scams Involving Fake Buyers on Carousell

1 December 2022

The Police would like to warn the public of a surge of phishing scams on Carousell. For this phishing scam variant, scammers would pose as buyers on Carousell and victims would be asked to key in their banking details in spoofed websites to facilitate payment or delivery. After agreeing to the price of the item, the scammer would request the victims to click on a link to facilitate the payment and courier arrangements. Upon clicking on the phishing URL link, victims would be directed to fraudulent websites and tricked into providing their banking or credit card credentials and One-Time Passwords (OTP) to complete the transaction. Victims would only realise that they have been scammed when they discovered unauthorised transactions made to their bank accounts or credit cards.

 

How to protect yourself from being a victim of scams?

  • Always verify the buyer’s profile on online marketplaces by checking the account’s verification status, creation date, review and ratings.
  • If in doubt, always verify the authenticity of the information with the e-commerce platform directly.
  • Do not click on dubious URL links.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others.
  • Please change your password immediately and lodge a police report as soon as you suspect that you have fallen victim to a scam.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

Maybank Email Phishing Scam

22 November 2022

We received reports where victims would receive emails purportedly from Maybank Singapore to verify a transaction that was deducted from their bank account(s). DO NOT respond to such emails as this is NOT a valid email sent by Maybank.

 

How can you protect yourself from scams?

  • Be wary of fake emails sent using fictitious email address and contents with grammatical errors.
  • Do not click on the URL links sent via unsolicited emails and SMSes.  Maybank does not send emails and SMSes with clickable URL links.
  • Always verify the authenticity of the message directly with the official websites or sources.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Please change your password immediately and lodge a police report as soon as you suspect that you have fallen victim to a scam.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

Phishing SMS and Bank Impersonation Scam

11 November 2022

Beware of SMSes indicating issues with your bank accounts and calls from scammers claiming to be from the bank. DO NOT click on the links in these SMSes as they will eventually lead you to fake websites of the bank. DO NOT agree to speak to the operator to ‘resolve an issue’ as you may be redirected to a scammer POSING as a Police Officer who would ask you to transfer money to them in order to resolve the issue or ‘crime’ you are supposedly involved in.

 

How can you protect yourself from scams?

  • Do not click on URL links sent via unsolicited emails and SMSes.
  • Always verify the authenticity of the message directly with the banks.
  • Ignore the instructions given if you receive unsolicited calls via phone or messaging applications. Banks will not request for personal information, banking credentials or OTPs through phone calls or messaging applications
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to others.
  • Please change your password immediately and lodge a police report as soon as you suspect that you have fallen victim to a scam.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

Impersonation Scam - SMS Phishing Scam

11 October 2022

We received reports where scammers would send SMSes purportedly from Maybank to deceive the victims into calling the telephone number in order to reactivate their credit and/or debit card. This is NOT a valid SMS sent by Maybank.

Sample of Fake SMS Alert

 

How can you protect yourself from scams?

  • Be wary of fake SMSes with spoofed headers and contents with grammatical errors.
  • Ignore the instructions given if you receive unsolicited calls via phone or messaging applications. Maybank will not request for personal information, banking credentials or OTPs through phone calls or messaging applications.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Singpass SMS Phishing Scam

1 October 2022

Beware of SMS phishing scams where scammers would send an SMS purportedly from Singpass to deceive the victims into clicking on a phishing link leading to a fake Singpass website. The contents of the SMSes may include ‘Changing of Password’, ‘Completion of face verification’or ‘Singass account disabled due to incomplete facial verification’. Upon clicking on the link in the SMS, the victims would be sent to a spoofed Singpass website where they would be asked to enter their Singpass login credentials. The victims would then be requested to enter their Internet banking details and one-time passwords (OTPs). The victims would only realise that they have been scammed after being notified of the unauthorised transactions from their bank accounts or fraudulent credit card/bank account applications.

 

How to protect yourself from being a victim of scam

  • Do not click on unverified links from unknown senders.  Singpass does not send SMS with hyperlinks.
  • Always check the website domain before entering your Singpass ID and password.  The official website for Singpass is singpass.gov.sg.
  • Always verify the authenticity of the message directly with the agency that sent the message.
  • Update your contact details registered with Singpass and enable notifications via your Singpass app so that you can be promptly alerted of suspicious logins and contact Singpass to secure your account.
  • Do not disclose your personal or Internet banking details or OTPs to anyone and report any fraudulent transactions to your bank immediately.
  • Check against the list of trusted websites at www.gov.sg/trusted-sites if you receive a link that does not end with “gov.sg”.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

Re-emergence of Job Scams

29 September 2022

Beware of re-emerging job scams where victims would be invited to provide reviews on products or services in order to earn a commission. Victims would receive unsolicited messages from scammers who claimed to be job recruiter on various messaging platforms. Victims who expressed interest in the jobs were instructed to sign up for accounts via the website links provided by the scammers.

The scammers would provide the victims with bank accounts belonging to unknown individuals for payments to be made on the pretext of reviewing the items in order to earn the commissions. Victims would initially be convinced that their work was legitimate as they were able to receive the commissions. They only realised that they have been scammed when they stopped receiving the commissions.

 

How to protect yourself from being a victim of scam

  • Do not accept dubious job offers that offer lucrative returns with minimal effort.
  • Never download applications from unverified sources.
  • Never send money to anyone whom you do not know or have not met in person.
  • Lodge a police report as soon as you suspect that you have fallen victim to a scam.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

E-Commerce Phishing Scam

15 September 2022

Beware of scammers impersonating buyers on e-commerce platforms such as Carousell where they would request victims to click on a link to arrange for payment and courier arrangements after agreeing to the sale of the item. Upon clicking on the phishing URL link, victims would be directed to fraudulent websites and tricked into providing their banking or credit card credentials and One-Time Passwords (OTP) to complete the transaction. Victims would only realise that they have been scammed when they discovered unauthorised transactions made to their bank accounts or credit cards.

 

How to protect yourself from being a victim of scams

  • Do not click on URL links sent via unsolicited emails and messages.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others.
  • Always verify the buyer’s profile on online marketplaces by checking their verification status, created date, reviews and ratings. If in doubt, always verify the authenticity of the information with the e-commerce platform directly.
  • Please change your password immediately and lodge a police report as soon as you suspect that you have fallen victim to a scam.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or Option 4 to suspend your Maybank2u digital banking access and to report any unauthorised transactions made to your account(s) and/or card(s).

IRAS Phishing SMS Scam

11 August 2022

Beware of phishing scams involving scammers impersonating the Inland Revenue Authority of Singapore (IRAS) through SMS.

Victims of such scams would receive unsolicited SMSes from IRAS as the SMS sender name (e.g. SG-IRAS, IRAS). The victims would be directed to complete their tax review or that their violation has been investigated under the tax law and to co-operate with the audit using an embedded link in the message. Upon clicking on the link in the SMS, the victims would be sent to a spoofed Singpass page where they would be asked to enter their login credentials. Thereafter, the victims would be redirected to another spoofed webpage which looks like an IRAS website, and finally to a spoofed bank login page. The victims would be requested to enter their Internet banking details and one-time passwords (OTPs) received on their mobile phones.

They would only realise they had been scammed after being notified of unauthorised transactions from their bank accounts or fraudulent credit card applications.

IRAS does not send SMSes containing links asking members of the public to log in with their credentials such as passwords and Singpass login details. SingPass does not send hyperlinks or QR codes through SMSes QR codes.

 

 

How can you protect yourself from scams?

  • Be alert and always verify the authenticity of claims about problems with your income tax status with the official IRAS website.
  • Always check that the URL domain of the Singpass website is singpass.gov.sg before you proceed.
  • Update your contact details registered with Singpass and enable notifications via your Singpass app so that you can be promptly alerted of suspicious logins and contact Singpass to secure your account.
  • Do not disclose their personal or Internet banking details or OTPs to anyone and report any fraudulent transactions to your bank immediately.
  • Check against the list of trusted websites at www.gov.sg/trusted-sites if you receive a link that does not end with “gov.sg”.
  • If you suspect that you have fallen victim to a scam, call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press *1 or option 4 to suspend your Maybank2u online and mobile banking access immediately and/ or report any unauthorised transactions made to your account(s).

 

Source: Channel News Asia (CNA), 28 July 2022, 7.42pm (More than S$37,000 lost by victims this month amid 'sudden surge' in IRAS phishing scams)

Website Phishing Alert

4 June 2022

Scammers are actively targeting members of the public through phishing websites. Providing sensitive information such as username-PIN combinations, one-time passwords or PINS to these websites may result in unauthorised fund transfers by scammers from your bank account. If you have provided your credit card information and CVV, scammers may conduct unauthorised card transactions.

This phishing website has a log-in page which directs customers to key in their online banking details.

 

How can you protect yourself from scams?

  • Do not give out your Internet Banking credentials, OTP, Digital Token or any Maybank-related email or SMS verification approvals to other individuals, non-Maybank websites, or mobile applications.
  • Emails and SMSes from Maybank will not include clickable links. Always go directly to our website to verify the authenticity of any banking-related requests or offers.
  • Maybank will never ask you for your credit or debit card details, CVV, SMS or email OTPs or Digital Token approvals to verify or unlock your account.
  • Do not call phone numbers, click on URL links, or scan QR codes in unsolicited emails, SMS, or other Messaging Application messages.
  • Never disclose your card numbers or OTPs to unverified sources. Bank staff and government officials will never request your card details, OTPs, or Digital Token Approvals through SMS, voice calls or unofficial websites.
  • Please change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Impersonation Scam Calls (Maybank Staff)

23 May 2022

We have received reports of ongoing scam calls to victims impersonating Maybank staff. Victims received the calls from +65 6275 XXXX, +65 6330 XXXX, +65 6275 2669, +65 6235 6694 and +65 6475 2901 and are required to verify the transactions (These are not valid Maybank hotline numbers).

List of information that victims are informed by the scammers (but is not limited to):

  • An unauthorised Maybank account (5304-XXXX-1190) is opened under their names
  • Large amounts are transferred to another bank
  • Verification is needed to confirm on the recent personal loan application
  • An outstanding personal loan account (7790-XX-4489) is due for payment
  • Accounts may be compromised and scammer offered to transfer the call to government officials

 

How can you protect yourself from scams?

  • Beware of incoming calls with the ‘+65’ prefix.  Do not pick up such calls if you are not expecting anyone calling from overseas.
  • Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Never reply to unsolicited calls. Responding to such calls may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of SMS Phishing Scams Targeting Banks

21 May 2022

There have been reports of an influx of SMS phishing scams targeting banks where the victims first received the SMS alert informing them that their credit cards have been suspended and to activate, they have to call the number ‘3129 XXXX’. The scammers would then call the victims back and request the victims to provide card details and OTPs. These led to subsequent unauthorised card usage.

Sample of Fake SMS Alert

 

How can you protect yourself from scams?

  • Be wary of fake SMSes with spoofed headers and contents with grammatical errors.
  • Ignore the instructions given if you receive unsolicited calls via phone or messaging applications. Maybank will not request for personal information, banking credentials or OTPs through phone calls or messaging applications.
  • Do not share your confidential banking or card details such as username, password, One-Time Password (OTP) or card CVV details with others.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Impersonation Scam

25 April 2022

We have received reports of ongoing scam calls to victims impersonating Maybank staff. Victims received the calls from +65 6275 XXXX, +65 6330 XXXX, +65 6275 2669, +65 6235 6694 and +65 6475 2901 and are required to verify the transactions (These are not valid Maybank hotline numbers). Victims are also informed that there is either an unauthorised Maybank account (5304-XXXX-1190) opened under their names or large amounts are transferred to another bank account.

 

How can you protect yourself from scams?

  • Beware of incoming calls with the ‘+65’ prefix.  Do not pick up such calls if you are not expecting anyone calling from overseas.
  • Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Never reply to unsolicited calls. Responding to such calls may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Impersonation Scam - SMS Phishing Scam

22 April 2022

We have received reports of SMS phishing scams purportedly sent from ‘MAYBANK’ impersonating Maybank. Customers are informed that there has been a login attempt from a new device and are directed to click on a link if the login is not performed by them. Do not click on these links as these SMSes are not sent by Maybank.

Sample of the fake SMS – April 2022

 

How to protect yourself from being a victim of scams?

  • Please note that Maybank does not send SMSes or emails that contain clickable links. Always verify the authenticity of the information with the official websites or sources.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of Job Scams

11 April 2022

Beware of job scam advertisements that are posted on social media platforms claiming to be job recruiters. Scammers would claim to be recruiting for jobs that offer high commission for reviewing of travel packages, promoting merchant products or watching movie trailers on dubious platforms.
Do not accept these dubious job opportunities that offer lucrative returns for minimal effort or asking for upfront payments before you start work on the promise of a refund with a commission. These are common tactics used by scammers to lure you into participating in their schemes or scams.

 

How to protect yourself from being a victim of scams?

  • Ignore unsolicited messages advertising job offers from unknown numbers or unknown foreign numbers.
  • Never download applications from unverified sources and ensure that the applications are downloaded directly from the official Apple app store or Google Play store
  • Reject requests to use your personal bank accounts to receive and transfer money for others to avoid being involved in money laundering activities.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of China Officials Impersonation Scams

22 March 2022

There have been reports of elderly victims being targeted by scammers claiming to be China officials via unsolicited phones calls. The scammers would inform the victims that they were under investigations for various offences such as illegally opening a bank account in China and money laundering offences and would request for victims’ particulars and banking credentials for investigation.

In these cases, the scammers would get money mules to escort the victims to the bank counters to withdraw money or to fill up forms to activate their iBanking in order to transfer out sums of money from the victim’s bank account. It was observed that the victims are taught what to say in order to assure the bank staff of their actions.

 

How to protect yourself from being a victim of scams?

  • No foreign law enforcement or authority can investigate offences here in Singapore.
  • Ignore the instructions given if you receive unsolicited calls via phone. No government agency will request for personal information, banking credentials or OTPs through phone calls.
  • Do not share your banking or card details such as username, password, One-Time Password (OTP) or card CVV details with others.
  • Always verify the authenticity of the information by contacting the relevant government agencies through their official hotlines.
  • Change your online banking password immediately as soon as you suspect that your online banking has been compromised. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of Tech Support Scams

10 March 2022

Please be vigilant of scammers impersonating staff from technical companies such as Microsoft, local telecommunication service providers or officers from government agencies who are offering technical support.

In these cases, the victim would receive pop up message on their electronic devices indicating that a virus had been detected or an issue with an application. Victims would click on the pop-up message which directs them to call a number for help. The scammer would then instruct the victims to install remote access applications such as ‘Anydesk’, ‘Ultraviewer’ or ‘TeamViewer’. The scammers would also access victims’ Singpass accounts. Victims would realise that something was amiss when they received notifications in their Singpass Inbox that their personal details have been retrieved or misused.

How to protect yourself from being a victim of scams?

  • Install anti-virus, anti-spyware/malware, and firewall on your computer and perform regular updates.
  • Do not share your banking or card details such as username, password, One-Time Password (OTP) or card CVV details with others.
  • Always verify the authenticity of the information by contacting the relevant government agencies through their official hotline, if you are unsure of whether something is a scam.
  • Change your online banking password immediately as soon as you suspect that your online banking has been compromised. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Beware of Business Emails Compromise Scams

9 March 2022

Please be vigilant of business email compromise scams. Scammers would hack into corporate emails or use spoofed email addresses, impersonating CEOs, business partners, employees of companies or suppliers to defraud victims into transferring money to their bank accounts for business partners or salaries of other employees. 

The scammers may also instruct the victims to purchase gift cards for work purposes or request for goods to be delivered and would trick the victims through fake invoices/purchase orders.  Victims realised that they have been scammed when they were informed that the funds or salaries were not received and there were discrepancies in the email addresses or after checking with their colleagues.

Signs to watch for in scam emails:

  • Spelling/grammatical mistakes in the email contents
  • Urgency for immediate payments to be made
  • Unexpected changes to bank account details
  • Emails instructing to purchase iTunes/Google Play cards on the pretext of work

 

How to protect yourself from being a victim of scams?

  • Be alert of any new or changes in the payment instructions and bank accounts
  • Use strong passwords and enable two-factor authentication (2FA) where possible on email accounts. 
  • Consider installing email authentication tools such as Domain-based Message Authentication, Reporting and Conformance, DMARC (dmarc.globalcyberalliance.org), which can help detect fraudulent emails.
  • Install anti-virus, anti-spyware/malware, and firewall on your computer and perform regular updates.
  • If you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Singpass QR Code Scam

5 March 2022

We received reports of ongoing Singpass QR code scam whereby scammers would mislead victims into scanning Singpass QR codes and promise them monetary rewards for their participation in various surveys. The scammers would request for the victims to scan a Singpass QR code with their Singpass app, claiming it was part of the verification process for disbursement of the monetary rewards.

However, the Singpass QR codes are fake and victims would unintentionally give the scammers access to certain online services; such as registering businesses, subscribing for new mobile lines or opening new bank accounts under the victim’s name. Victims would only realise something was amiss when they receive notifications in their Singpass Inbox that their personal details have been retrieved or misused.

Annex A:

Sample of Singpass QR code used by scammers:

 

How to protect yourself from being a victim of scams?

  • Never scan any Singpass QR code sent to you by someone else. You should only scan the Singpass QR code on the official website of the e-service that you want to access, or tap on Singpass QR codes on the official apps of these e-services.
  • Always verify with official sources on whether the information you have received is sent by the organisation and if the transaction involves authentication using the Singpass app.
  • After scanning a Singpass QR code, always check the consent screen on your Singpass app to verify the legitimacy of the digital service you are accessing. Ensure that the domain URL displayed on your Singpass app matches that in the browser address bar. If otherwise, do not tap on the ‘Log In’ button on the consent screen.
  • Never disclose your Singpass ID, banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others.
  • Please change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

COE Loan Renewal Phishing Scam

15 February 2022

We received reports of ongoing car COE loan phishing advertisements appearing on Google searches which are being tagged to Maybank. The advertisement suggests that COE loan renewals can be done with Maybank.

Please note that Maybank does not have such partnerships with Oneshift and Carousell.

Sample of Phishing Google advertisement:

 

How to protect yourself from being a victim of scams?

  • Be alert and always verify the authenticity of the information with the official website or sources.
  • Do not reply or click on URLs in unsolicited and suspicious emails.
  • Do not share your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others.
  • Please change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of SMS Phishing Scams / Alert

10 February 2022

Beware of re-emergence of SMS phishing scams where scammers impersonate delivery companies. Targeted members of the public are warned of either 1) outstanding payments for parcel deliveries that are required to be paid before their item(s) can be delivered, or 2) a need to update their credit/debit card information, and are asked to log onto a phishing website to make the payment or update the credit/debit card information respectively. Users who click on the link are asked to provide their credit/debit card details and One-Time Password (OTP), which are subsequently stolen by the scammers.

Annex A: Sample of fake Singpost SMS

Additionally, there are also reports of a phishing SMS purportedly sent by banks (e.g. Sender ID ‘SMS Alert’), which state that an individual’s debit and credit cards have been temporarily blocked, and requests for the individual to call a listed number to unblock the cards. Users who call the number will speak to a scammer, who may trick them into divulging confidential credit card and internet banking information.

Annex B: Sample of fake SMS Alert

 

How to protect yourself from being a victim of scams?

  • Be wary of fake SMSes with spoofed headers grammatical errors.
  • Do not call unofficial telephone numbers and click on URL links provided in unsolicited emails and text messages. With effect from 31 January 2022, banks have removed the clickable links in both email and SMS notifications. Always verify the authenticity of the information with the official websites or sources.
  • Never reply to unsolicited SMSes. Responding to such SMSes may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of Phishing Scams Involving Application of E-wallets

9 February 2022

Beware of a re-emergence of video call phishing scams where scammers impersonate government agency officials, including those from Singapore Police Force (SPF) and Ministry of Manpower (MOM). Targeted members of the public will receive unsolicited video calls from the scammers via messaging applications, such as WhatsApp, Viber, and IMO, who will request for the individual’s personal information, banking credentials and One-Time Password (OTP), under the guise of ‘verification purposes’ or ‘assisting in investigations’.

The scammers will then create e-wallets on applications such as DBS PayLah!, Singtel Dash or GrabPay in the victims’ names, and use the e-wallets to withdraw money from the victims’ back accounts.

The Police would like to emphasise that these calls are NOT made by police officers.

Annex A: Sample of fake video calls

 

How can you protect yourself from scams?

  • Ignore the instructions given if you receive unsolicited calls via phone or messaging applications. No government agency will request for personal information, banking credentials or OTPs through phone calls or messaging applications.
  • Do not share your banking or card details such as username, password, One-Time Password (OTP) or card CVV details with others.
  • Always verify the authenticity of the information by contacting the relevant government agencies through their official hotline, if you are unsure of whether something is a scam.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Re-emergence of Tech Support Scams

29 January 2022

There are recent reports of the re-emergence of Tech Support Scams. Please be vigilant of scammers impersonating staff from local telecommunication service providers or officers from government agencies who are offering technical support.

Since 15 April 2020, only overseas calls will show a ‘+’ prefix before the number showing on your caller ID. Calls received from local numbers will no longer carry a ‘+’ prefix.
Example 1: +6955 0221

This is likely to be a spoofed call. For local numbers, there will not be a ‘+’ prefix.
Example 2: +4241 2345

This is an overseas caller; be vigilant if you are not expecting an overseas call.

The scammers may instruct the victims to install applications, type commands into their computers or log onto their online banking account.

Government agencies and service providers will not request for your confidential personal details or access to your online banking account over the phone or through automated voice machines.

How can you protect yourself?

  • Beware of unsolicited calls from persons claiming to be a staff of the service provider or government officials
  • Be vigilant when answering calls showing a ‘+’ prefix, especially if you are not expecting any overseas calls.
  • Verify the authenticity of the call with the organisation.
  • Do not share your personal or internet banking details and OTP with anyone.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report

Beware of Rising SMS/Email Phishing Scams

19 January 2022

There are recent reports of SMS and email phishing scams targeting bank customers in Singapore. The SMSes with spoofed headers or fictitious email addresses may appear to be sent from Maybank and include links to unfamiliar websites. These are phishing attempts and are not sent out by Maybank even though they may appear in the same thread as the legitimate SMSes from MaybankSG.

How can you protect yourself from scams?

  • Be alert and always verify the authenticity of the information with the official Maybank website URL (www.maybank2u.com.sg). Do not respond to requests to perform funds transfer to unknown account numbers.
  • Do not share your banking credentials such as username, password, One-Time Password (OTP) or bank account details with others.
  • Never reply to unsolicited calls, SMS or emails. Responding to such calls, SMSes or emails may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

 

Time Deposit Scams

28 December 2021

We have received reports of ongoing impersonation scams involving scammers impersonating Maybank staff and calling individuals to offer ‘Time Deposit Promotions’, and Fixed Deposit accounts. Targeted members of the public may be tricked into divulging their personal details, including bank details, One-Time Password (OTP), or to transfer money to unknown bank accounts.

Scammers offering the Fixed Deposit accounts may also send a phishing email including details of the ‘Fixed Deposit account’ to targeted members of the public and request for victims to deposit money to an unknown bank account.

Sample 1 of the fake Email

Sample 2 of the fake Email

The phone numbers reportedly used by the scammers include ‘68179208’, ‘+65 66028206’, ‘+65 68179208’, and ‘+65 67089332’. These are NOT valid Maybank hotline numbers.

Maybank will not request for application of Time Deposit accounts or Fixed Deposit accounts through calls, SMSes or emails. Do not respond to requests to perform funds transfer to unknown account numbers other than your account number(s) maintained with Maybank.

How can you protect yourself from scams?

  • Be alert and always verify the authenticity of the information with the official Maybank website URL (www.maybank2u.com.sg) about opening of bank accounts and bank promotions. Do not respond to requests to perform funds transfer to unknown account numbers other than your account number(s) maintained with Maybank.
  • Do not share your banking credentials such as username, password, One-Time Password (OTP) or bank account details with others.
  • Never reply to unsolicited SMS or emails. Responding to such SMSes or emails may be used by scammers for social engineering or to trick victims into divulging confidential account and internet banking information.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report.

Impersonation Scams

13 December 2021

We have received reports of ongoing SMS scams purportedly sent from ‘MaybankSG’ impersonating Maybank. Customers were informed to reallocate their funds to another Maybank account and to call +65 66028206 (This is not a valid Maybank hotline number) for verification of customers’ details.

These SMSes are not sent by Maybank.

Sample of the fake SMS - December 2021

 

How can you protect yourself from scams?

  • Be alert and always verify the authenticity of the information with the official website or sources.
  • Contact us at 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to verify the contents of the SMS.
  • Never reply to unsolicited SMS or emails. Responding to such SMSes or emails may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.

Job Scams Involving "Filmgo" related companies

7 December 2021

The Police would like to alert the public to a new variant of job scam where victims are invited to participate in jobs that allow them to earn commission through buying and selling movie tickets linked to various companies with the name “Filmgo”. Since November 2021, at least 41 victims have fallen prey to this scam, with losses amounting to at least S$203,000.

In these cases, the scammers would befriend victims on messaging applications such as MiChat and WeChat. These scammers would then introduce victims to purported job offers that would allow them to earn commission through the buying and selling of movie tickets involving various companies, such as Filmgo Production and Filmgo Digital etc. Victims would be directed to sign up for accounts on the “Filmgo” websites provided by the scammers. These websites would also offer mobile applications for victims to download and use its services conveniently.

Victims would be required to top-up their “Filmgo” accounts in order to buy and sell movie tickets and earn commissions, and the scammers would provide victims with bank accounts belonging to unknown individuals for the payment to be made. Most of the time, the victims would be convinced that their work was legitimate as their “Filmgo” account indicated the commissions they received after completing the jobs. However, victims would eventually discover that they had been scammed when they were unable to withdraw the money from their “Filmgo” accounts.

Annex A - Dec 2021

 

How to protect yourself from being a victim of scams

  • Do not accept dubious job offers that offer lucrative returns for minimal effort.
  • Never download applications from unverified sources.
  • Always verify the authenticity of the information with the official website or sources.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Change your password immediately as soon as you suspect that you have fallen victim to a scam. Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) and press STAR *1 to report any unauthorised transactions made to your account(s) and lodge a police report

Phishing Scams Involving Singapore Bicentennial Commemorative Notes

6 December 2021

The Police have received numerous reports of phishing scams involving text messages from scammers, where victims were allegedly directed to spoofed banking websites after being purportedly notified of their eligibility to receive Singapore Bicentennial commemorative notes.

Victims of such phishing scams would receive text messages from scammers that they are eligible to receive free Singapore Bicentennial commemorative notes and were directed to allegedly spoofed URLs. Upon clicking on the URLs, victims will be redirected to fraudulent websites which resembled the homepage of the purported bank’s internet banking website. Victims would then key in their internet banking credentials, thinking that this is necessary to receive the notes. Victims would only realise that they have been scammed when they discover unauthorised transfers of monies out of their bank accounts.

Sample of fake SMSes – Dec 2021

 

How to protect yourself from being a victim of scams

  • Be wary of fake SMSes with spoofed headers and check for grammatical errors in the message.
  • Do not click on URL links provided in unsolicited emails and text messages.
  • Always verify the authenticity of the information with the official website or sources.
  • Never reply to unsolicited SMS. Responding to such SMSes may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

Re-emergence of fake SMS scams with spoofed bank headers targeting bank customers

25 November 2021

The Police would like to alert members of the public to a re-emerging trend where scammers would send SMSes with spoofed headers of banks to victims, claiming to offer fixed deposits with high interest rates.

Victims would receive SMSes with spoofed headers, purportedly from a bank, advertising fixed deposit promotions offering high interest rates. Victims would be instructed to contact a number provided within the SMS to express their interest and obtain more details about the promotion. Once contacted, scammers would then attempt to get victims to divulge their personal details, such as bank details or One-Time Password (OTP), or transfer money to unknown bank accounts.

Sample of fake SMSes - Nov 2021

How to protect yourself from being a victim of scams

  • Be wary of fake SMSes with spoofed headers and check for grammatical errors in the message.
  • Always verify the authenticity of the information with the official website or sources.
  • Never reply to unsolicited SMS. Responding to such SMSes may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Never disclose your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers to anyone.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

Re-emergence of Phishing Email on Maybank Loyalty Programme

16 November 2021

We received reports of ongoing survey scams involving emails which are sent from MayBank-REWARDS (may.yagkbmaqsf@tohsyo-c.co.jp). The scam email tricks the victim to participate in a short survey in order to enjoy cash rewards. Upon clicking “Take the survey”, the phishing website will request the victim to provide confidential card information (e.g. Card Number, One-time Password, CVV number).  

Please note that Maybank did not conduct such surveys. The email address, email contents and URL links mentioned in the scam email below are not from Maybank Singapore Limited.

Sample of the scam email – November 2021

How can you protect yourself?

  • Be alert and always verify the authenticity of such surveys by calling 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).
  • Do not reply or click on URLs in unsolicited and suspicious emails.
  • Do not share your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others. Maybank will also not require you to key in confidential bank account or card details for such surveys.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect you have been a victim of fraud.

Payment Scams

3 November 2021

We received reports of ongoing payment scams involving scammers impersonating Maybank staff and requesting the victims to arrange for alternative payment modes for their facilities with Maybank. Scammers will also email the details to the victims using a fictitious Maybank email address.

Please note that the email address and the email contents mentioned in the email are not from Maybank. Maybank will not request for alternative payments to be made to unknown account numbers other than your account number(s) and/or credit card number(s) maintained with Maybank. For credit card payment methods, please refer to our website maybank.sg/ccpayment .

Sample of the scam email – Nov 2021

How can you protect yourself?

  • Be alert and always verify the details from Maybank. Do not respond to requests to perform funds transfer to unknown account numbers other than your account number and/or credit card number maintained with Maybank.
  • Do not share your banking credentials such as username, password, One-Time Password (OTP) or bank account details with others.
  • Use the official Maybank website by typing the Maybank website URL (www.maybank2u.com.sg) to find out the payment methods for the respective Maybank facilities.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to verify the contents of the email or if you suspect that you have been a victim of scams.

Car Loan Scam

12 October 2021

The latest car loan scam involves scammers using a purported bank’s letter, requesting victims to perform early settlement under the company Swift Consumer Service “SCS” in order to enjoy rebates or other incentives. Impersonating as bank staff, scammers usually answer queries from a fake phone number and reply emails using a fictitious Maybank email address.

Please note that the email address, email contents and names of individuals mentioned in the letter are not from Maybank Singapore Limited. For car loan settlement, please refer to the payment modes under FAQ 6 . Funds transfer and telegraphic bank transfer are not the listed payment options for car loan full settlement.

Sample of the scam email – Sep 2021

How can you protect yourself?

  • Do not respond to requests to perform funds transfer or telegraphic bank transfer for car loan full settlement. Be alert and always verify the details from Maybank.
  • Do not share your banking credentials such as username, password, One-Time Password (OTP) or bank account details with others.
  • Use the official Maybank website by typing the Maybank website URL (maybank2u.com.sg) to find out information about Car Loan.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to verify the contents of the letter or if you suspect that you have been a victim of scams.

Beware of Job Scams

12 October 2021

We received reports of ongoing job scams involving the downloading of applications (e.g. Uspeed Technology (‘UT’) app) and promising quick cash by liking or watching videos on different social media platforms.

Victims are usually recommended by their friends to download the mobile application (e.g. UT app) and perform tasks to “generate” income. Pictures of funds successfully credited to the accounts are usually shown to the victims convincing them to believe that the rewards are legitimate. After downloading the mobile application, victims are required to pay membership fees by depositing money to the mobile application before performing the daily tasks to receive the payouts.

Victims only realise that they had fallen prey to the scams when they can no longer open the mobile application, withdraw the remaining funds deposited to the application and the ‘administrator’ stopped responding to the messages.

 

How can you protect yourself?

  • Be cautious when you are asked to make upfront payments before you start a job with the promise of attractive commission or rewards.
  • Do not accept dubious job opportunities that offer lucrative returns for minimal effort.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

New Security Notifications

As part of the financial industry-wide initiative for a safer online banking experience, we are introducing our new device login notification.

You will receive a notification if we detect a new device/browser login to your Maybank2u Online/Mobile banking or when you log in from a new location.

To find out more, please refer to our FAQ.

How can you protect yourself?

  • Beware of links provided in unsolicited emails. Do not reply or click on URLs in unsolicited and suspicious emails.
  • Do not share your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others.
  • Change your passwords periodically.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

Beware of Fake Job Offers

07 September 2021

The Singapore Police Force has noted a recent significant rise in the number of job scam cases.

In these transnational job scams targeting job seekers, the syndicate would post advertisements for fictitious jobs promising quick cash on different social media platforms. Victims are given instructions to make payments by transferring funds to designated bank accounts, claiming that it was to boost the sales of various merchants on popular e-commerce sites. In return, they were promised commissions based on the amount transferred, on top of the full reimbursements. Victims often receive the promised reimbursements and commissions initially, leading them to believe that it was a legitimate job and enticing them to deposit even larger sums of money. Victims only realise that they had fallen prey to scams when they did not receive the subsequent reimbursements and commissions.

How can you protect yourself?

  • Be cautious of social media platforms asking for upfront payments before you start work on the promise of a refund with a commission.
  • Do not accept dubious job opportunities that offer lucrative returns for minimal effort.
  • Always verify the authenticity of the job with the official websites or sources.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect that you have been a victim of fraud.

 

Source: Channel NewsAsia 30 Aug 2021 12:01 PM

Beware of Phishing Email on Maybank Loyalty Programme

23 August 2021

We received reports of ongoing survey scams involving emails which are sent from MayBank-REWARDS (may.sglsenydnq@laylax.com). The scam email tricks the victim to participate in a short survey in order to enjoy cash rewards and complimentary miles. Upon clicking “Participate Now”, the phishing website will request the victim to provide confidential card information (e.g. Card Number, One-time Password, CVV number).   

Please note that Maybank did not conduct such surveys. The email address, email contents and URL links mentioned in the scam email below are not from Maybank Singapore Limited.

Sample of the scam email – August 2021

How can you protect yourself?

  • Be alert and always verify the authenticity of such surveys by calling 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas).
  • Do not reply or click on URLs in unsolicited and suspicious emails.
  • Do not share your banking or card credentials such as username, password, One-Time Password (OTP) or Card CVV numbers with others. Maybank will also not require you to key in confidential bank account or card details for such surveys.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect you have been a victim of fraud.

New Type of Phishing Scams Targets Bank Customers with Spoof SMSes

16 July 2021

Banking-related phishing scams have re-emerged in the form of spoof SMSes that trick victims into thinking they were sent by their bank. A total of S$1.07 million was lost in 374 cases of such scams between January and May this year.

Victims of the scam received an SMS allegedly sent by their bank, informing them of the payment attempts detected from their bank account. As the scammers have spoofed the bank’s SMS accounts, the scammers’ message may be appended to the same SMS message thread from the bank.

Upon clicking on the link in the SMS, the victims were led to a phishing site resembling the bank’s official website. They were then asked for their personal information such as Internet Banking details and One-time-passwords (OTP). After providing the details, the victims realised that they have been scammed when they received SMS notifications about money being transferred from their accounts. 

How can you protect yourself?

  • Be alert and always verify the authenticity of the information with the official website or sources.
  • Always check that the message reflects your intended actions and do not proceed or authorise any suspicious transactions.
  • Never reply to unsolicited SMS. Responding to such SMSes may be used by scammers for social engineering or trick the victims into divulging confidential account and internet banking information.
  • Do note that Bank staff or government officials will never request for your banking credentials such as username, password and One-Time Password (OTP) over the phone.
  • Call 1800-MAYBANK (1800-629 2265) or (65) 6533 5229 (Overseas) to report any unauthorised transactions made to your account(s) or if you suspect you have been a victim of fraud.

 

Source : Channel NewsAsia 10 July 2021 1:37PM