At least $153k lost in phishing scams involving fake Citibank staff
Scammers are posing as Citibank staff in a new phishing scam that has cost victims at least $153,000 since June 27.
In an advisory on July 25, the police and Citibank said they have received at least nine reports of such cases and warned the public to stay vigilant.
In this scam variant, victims receive calls from unknown or private numbers from scammers claiming to be from Citibank's fraud department.
To appear legitimate, the scammers are able to provide the victims' names, recent credit card transaction history and even their credit card details.
Under the pretext of reversing fraudulent transactions, the scammers convince victims to disclose one-time passwords (OTPs) sent via SMS.
These OTPs are then used to make unauthorised transactions, usually in foreign currencies like British pounds, or to take over the victim's online banking account.
Victims often only realise they have been scammed after discovering unauthorised charges on their bank cards.
The police and Citibank reminded the public never to reveal their OTPs or banking details to unknown individuals.
They also advised checking the content of SMS OTPs carefully and reporting suspicious activity immediately.
To protect themselves, members of the public are encouraged to follow the ACT framework:
- Add the ScamShield app and set up security features such as transaction limits and two-factor authentication.
- Check the content of all SMSes and verify any suspicious activity with your bank. You can also check messages and links via www.scamshield.gov.sg.
- Tell others about scams and report fraudulent activity to your bank and the police immediately.
For more information on scams, visit www.scamshield.gov.sg.
