Banks in Singapore are preparing to eliminate clickable links in emails and text messages directed at retail customers due to a recent surge in SMS phishing scams.
The Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) announced that this initiative, along with several other measures, will be implemented within the next two weeks.
Earlier this week, OCBC Bank disclosed that nearly 470 customers lost over $8.5 million in December when scammers impersonated the bank and sent SMS messages with links to phishing websites.
Yesterday, DBS alerted its customers about a similar scam involving an SMS that falsely claimed their accounts had been suspended and prompted them to click a link.
In response to these incidents, OCBC has started offering goodwill payouts to affected customers. However, the banking sector is now adopting more stringent measures. In addition to removing links from communications, banks will establish a default threshold for funds transfer transaction notifications to customers at $100 or lower.
Moreover, there will be a mandatory delay of at least 12 hours before the activation of new soft tokens on mobile devices. Customers will also receive notifications to their registered mobile numbers or email addresses whenever there is a request to change personal contact information like phone numbers or addresses.