SINGAPORE: The Singapore Police Force warned the public on Friday (Mar 18) against SMS phishing scams designed to deceive recipients into visiting a fake Singpass website.
Victims have reported receiving unsolicited SMSes from unknown senders with numbers such as “73333”. The message indicated that the victims’ Singpass account had expired and they had to access an embedded link to reactivate their accounts.
The phishing link led victims to a fake website requesting users to enter their Singpass login ID, password and two-factor-authentication details.
This fake website looks similar to the Singpass login webpage, said the police, but it has an illegitimate URL with multiple broken image links on the page.
The police added that the fake website has been blocked after Singpass users reported the suspicious SMS.
Members of the public are reminded to be vigilant and adopt the following precautionary measures:
- Do not click on unverified links from unknown senders. Singpass does not send SMS with hyperlinks;
- Always check the website domain before entering your Singpass ID and password. The official website for Singpass is singpass.gov.sg;
- When in doubt, always verify the authenticity of the message directly with the agency that sent the message. You may contact Singpass helpdesk at 6335 3533.
Anyone who suspects they are victims of such phishing sites should reset their Singpass password, check their Singpass transaction history for any suspicious activities and lodge a police report or submit details of the incident online.
Those with any information relating to such crimes can call the police hotline at 1800-255-0000 or submit it online.
For more information on scams, members of the public can visit the scam alert website or call the Anti-Scam Hotline at 1800-722-6688.