A Singapore Government Agency WebsiteHow to identify
Phishing scam
phishing credit card

2 min. read

Phishing is a way of obtaining sensitive personal information such as account details, PIN and password through the internet. Anyone with these details can perform unauthorized transactions on your account. Find out how to protect yourself from phishing attempts.

Key takeaways
  • What is phishing and how to protect yourself.
  • Be alert to phishing attempts. Note that your bank will not ask you for your personal details over emails.
  • Don't click on any link or open attachments in suspicious emails that appear to be from your bank.
  • If you think you have become a victim of phishing, contact your bank immediately.

How to avoid phishing attacks

Phishing (pronounced as "fishing") is a common technique used by criminals to trick you into giving away your personal information.  They could do this by using emails, SMS, or phone calls.

If you fall prey to phishing and have given your personal information and online banking credentials, criminals may use the information to access your online banking accounts and transfer money out of your bank accounts.

Beware of bogus emails or SMS

You may receive a fake email or SMS that looks like it is sent from your bank to trick you into believing that the email or SMS is authentic. The email or SMS typically contain alarming messages so that you will take notice, such as informing you that your online account has been hacked or regulatory bodies suspect that your account is used for money laundering.

You will typically be asked to click on a link to verify your account. The URL will then bring you to a fake website that looks exactly like your bank’s login page. The criminals will be able to steal your login username, login passwords, and OTP when you key in these details into the fake website.

With your stolen credentials, the criminals will be able to access your online banking accounts and perform unauthorised transactions on them. 

To protect yourself from falling prey to phishing, remember the following:

  • Never give out your personal details by email.
  • Your bank will NEVER send you emails or SMS asking you for your personal information.
  • Do not open attachments or click on any link in suspicious emails or SMS.
  • Always enter the full URL or domain name of your bank on your browser address bar.
  • Install firewall, and anti-virus and anti-spyware in your computer. Update them regularly.
  • Avoid online banking in public areas such as cyber-cafes.
  • Log off each time you complete online banking activities.
  • Select passwords that are difficult to guess. Change them often.
  • If you think you have become a victim of phishing, contact your bank immediately.

Beware of bogus phone calls

Criminals may also call and trick you into believing that they are bank officers, government officials or the police. The caller ID on your mobile phone may even appear as “999”. Criminals typically use scare tactics to threaten you and make you believe that you have committed a crime.

Criminals may then ask you to give them your online banking credentials so that they can “check” your online accounts. If you do so, the criminals will be able to login to your online banking accounts and wipe out all the money in your bank accounts.

Here are some tips to protect yourself from bogus phone calls. Always keep the following in mind:

  • Government officials or bank officers will NEVER call you to ask you for your personal information, such as your online banking credentials.
  • When in doubt, always hang up the phone.
  • If the caller ID displays “999”, hang up and call or visit your nearest police post to verify the authenticity of the call.

Last updated on 05 Nov 2018