SINGAPORE: A sum of about S$2.54 million was recovered in full after a business email compromise scam was foiled by the Singapore Police Force (SPF) Anti-Scam Centre (ASC), Citibank Singapore and RHB Bank Singapore.
Citibank first alerted the police to a suspected case of money laundering on Friday (Dec 18), said SPF in a news release on Tuesday.
Citibank had been contacted by a foreign bank requesting an urgent recall of US$1.9 million (about S$2.54 million) that had been transferred to an RHB Bank Singapore account belonging to a foreign corporate entity, said SPF.
Preliminary investigations revealed that the transfer of funds was linked to an alleged business email compromise scam.
READ: Hello, it's a scammer on the line – Robocalls on the rise with some targeting people working from home
"Upon the receipt of the information, the ASC swiftly froze the RHB Bank Berhad Singapore bank account," said SPF, leading to the "full recovery" of the money.
"The police's collaboration with the banks attests to the importance of a strong partnership with community stakeholders to effectively combat scams and transnational fraud," added SPF.
It commended Citibank and RHB Bank Singapore for their "invaluable assistance" in recovering the money.
SPF advised the public and business entities to be vigilant and wary of business email compromise scams.
"Such scams involve deceiving businesses through spoofing of company or client email addresses and making them transfer large amounts of monies into the wrong hands," said SPF.
It reminded companies to adopt crime prevention measures, including educating staff to be mindful of any new or sudden changes in payment instructions and bank accounts.
"Always verify these instructions by calling the email sender. Always use phone numbers in your record, instead of unknown numbers provided in the fraudulent email," said SPF.
It said companies should also create awareness among employees about such scams, especially those responsible for approving payments and transferring funds.
"If these employees are working from home ... consider putting in place additional layers of checks before payments and fund transfers are made," said SPF.
Companies should also use strong passwords for their generic email accounts, change these regularly and enable two-factor authentication where possible.
They should also consider installing email authentication tools and software to protect against cyberattacks, said the police.