Alexander Woon is a Lecturer at Singapore University of Social Sciences, School of Law, and practices law as Of Counsel with RHTLaw Asia. He was previously a Deputy Public Prosecutor in the Financial and Technology Crime Division of the Attorney-General’s Chambers.
By Alexander Woon
Singapore has seen a spate of sophisticated online scams lately.
First, OCBC was targeted, with over 400 customers affected and losses of over S$8.5 million. Recently, DBS and the Supreme Court have also been targeted by scammers.
The question is when scams occur, who is responsible? And who bears the losses?
How the scams work
These scams are known as “phishing”. They are a form of social engineering in which the scammer attempts to trick a victim into disclosing personal information like bank account numbers, passwords or One-Time Passwords (OTPs) which would allow the scammer to do a number of things, such as gaining control of the victim’s bank account. The scammer might even change the account password or associated phone number, locking the victim out of the account.
In OCBC’s case, the scam was reportedly very sophisticated. The scammers sent SMSes to the victims using a “spoofed” number to make it appear that the messages were coming from OCBC. Thus, the SMSes appeared in the same chat thread along with legitimate messages from the bank.
Victims were then asked to click on a link in the SMS, which brought them to a webpage that was set up to look like OCBC’s website….
- Suggested Article: What Is Scambating and How Efficient Is It?
