POSB customer warns of suspicious email that likely contains malware and can 'wipe out your bank account'
A man received a suspicious email from an unknown sender posing as POSB.
Stomper Jason recently received an email from the address 'posb1@substack.com', with 'Posb Alert' as the sender's name.
However, the email was sent from a Substack domain instead of a DBS domain (e.g. customerservice@dbs.com). POSB is also supposed to be entirely capitalised, which was not the case here.
The email contained a link asking Jason to "activate your Digital Token", but it is likely a phishing link used to steal personal information.
"I tried to contact the bank to report this, but I couldn't find the relevant link. So, I am sharing this on Stomp to remind other Singaporeans about this," Jason said.
"The email looks genuine, so any unsuspecting Singaporean might just click and download malware and then wipe out their bank account."
POSB advises members of the public to adopt the following precautionary measures to protect themselves from scams:
- Do not give out your internet banking credentials, OTP, digital token, or any DBS-related email or SMS verification approvals to other individuals, non-DBS websites, or mobile applications.
- Do not provide your ATM, credit or debit card details to unknown websites or callers.
- Do not click on URL links, call phone numbers, or scan QR codes provided in unsolicited emails, SMSes, or other forms of messaging channels.
- Do not download apps from unknown or unofficial sources.
The public is encouraged to report a potential scam or fraud attempt to prevent others from being a victim.
If you have any information relating to such crimes or if you are in doubt, call the police hotline at 1800-255-0000, or submit a report online at www.police.gov.sg/i-witness.
All information will be kept strictly confidential. For urgent police assistance, dial '999'.
