Banks Have Removed Clickable Links In Emails & Texts
The prevalence of phishing scams has been in the news lately, with many well-known organisations afflicted by scammers.
Being the protectors of people’s hard-earned money, banks are supposed to be more secure than most.
Thus, at least 2 Singapore banks – OCBC and DBS – have already said they’ve rolled out additional security measures to fight scams.
One new measure is that the funds transfer amount limit for customers to be sent an alert will be lowered – with OCBC setting it as low as 1 cent.
Alerts for funds transfers set to 1 cent
Ever since the latest OCBC scam ripped through the accounts of over 400 victims, a glaring spotlight has been shone on the bank.
Hence, besides making full goodwill payouts to victims, they’ll be making sure these $8.5 million in losses will never happen again.
One way is to catch scams early by alerting customers of funds transfers and payments from their accounts.
According to a media statement from OCBC seen by MS News, customers will get a notification for transfers as low as 1 Singapore cent (S$0.01).
This was set on Friday (21 Jan), they said, and applies to transfers including:
- PayNow payments
- Fast And Secure Transfers (FAST) between banks in Singapore
PayNow daily limit reduced
PayNow has been firmly established as a convenient, cashless payment method, whether for businesses or between friends.
Under OCBC’s new measures, the default daily limit for PayNow payments will now be $1,000 – down from $5,000.
Customers can even adjust that limit downwards to as low as $100.
The amount of cash that can be transferred per transaction used to be $1,000 by default. It will now be $200.
These limits have been in effect since 14 Jan, OCBC said.
24-hour cooling-off period
When scammers take hold of a bank account, victims have remarked on the speed at which significant changes were made.
Thus, OCBC will institute a 24-hour cooling-off period for key account changes by 31 Jan.
This follows a similar 24-hour wait for digital token provisioning implemented on 31 Dec.
Clickable links in marketing emails or SMSes have also been removed by the bank, as prescribed by the Monetary Authority of Singapore (MAS), since 11 Jan.
Permanent fraud team
A permanent team has also been set up to handle queries and reports on fraud by customers, OCBC said.
This dedicated team was formed to help customers affected by the SMS phishing scam.
When customers call the OCBC hotline at 1800 363 3333, they can now assess an option to “escalate” reports of suspected scams.
The bank will still “educate and inform customers” about scams in various ways, for example, social media and SMS.
DBS also lowers funds transfer alert limit
Another local bank, DBS, also recently warned about scammers targeting their customers.
Hence, in line with MAS’ stipulations, they’ll also be rolling out more robust measures of their own, they said in an email sent to customers that was seen by MS News.
Like OCBC, they’ll be lowering the limit for customers to be alerted of funds transfers on their accounts.
Notifications will be sent for transactions of $100 or lower by default, DBS said.
Customers will also be able to adjust this limit, allowing the bank to send them an alert for transfer amounts as low as $1 over Internet banking.
Safeguards for account changes
When scammers get control of an account, one of the things they might do is change its registered email address or mobile number.
Thus, when DBS receives such a request, they’ll now notify the existing email or mobile registered with the bank.
When they receive requests to change other key account details, like a customer’s contact details, there’ll also be a cooling-off period.
Before activating a new soft token on a mobile device, there will also be a delay of at least 12 hours.
Such measures will hopefully serve to deter or slow down scammers accessing an account.
No more non-essential texts
Most bank customers are used to getting promotional SMS messages from banks occasionally.
However, DBS will stop this practice for good, vowing not to send any more non-essential texts to retail and wealth customers.
Even the essential texts the bank will send – usually for security and trade notifications and OTP authentication – will have no clickable links.
DBS advised customers not to click on any links in texts that seem to come from the bank.
They assured that they’d never ask for sensitive info like account details, User ID, PIN or OTPs over the phone, email or via SMS.
The bank will also send out scam education alerts to customers, and their dedicated teams will prioritise feedback on suspected fraud cases.
Kudos on their quick action
Kudos to the banks for taking quick action against scams.
As customers, we should also educate ourselves on scams and strive to be vigilant.
Hopefully, due to these measures and the public attention, fewer people will fall prey to these nefarious deeds.
Have news you must share? Get in touch with us via email at news@mustsharenews.com.
Featured image adapted from Google Maps and Google Maps.