Phishing is a common cyberattack method adopted by scammers to steal sensitive personal data such as your NRIC details, credit card numbers, One-Time Passwords (OTPs) and login credentials through the Internet.
It is usually conducted via official-looking email messages or SMSes that appear to come from legitimate organisations. Such emails and SMSes typically contain a hyperlink to a spoof website and mislead account holders to enter credentials and security details on the pretext that security details must be updated or changed.
There has been a recent rise in SMS phishing scams targeting customers of financial institutions. Scammers impersonate the FI with fraudulent links.
Example of a phishing email:
An email with spoofed headers or fictitious email addresses may appear to be sent from Etiqa Singapore and include links to unfamiliar websites. This is likely to be a phishing attempt and is not sent by Etiqa Singapore even though it may appear in the same thread as the legitimate email.
Example of a SMS phishing scam:
Also known as smishing, SMS scams are carried out via SMS spoofing techniques where the SMS sender information appear to be from legitimate organisations.These fake SMSes often contain links to fraudulent websites that resemble the organisation’s website that the scammers are impersonating.
Sometimes, the fake messages may even appear within existing legitimate SMS thread from financial institutions. Do not click on any URL links in the SMS Alert without checking on the authenticity first, even if it appears in an existing SMS conversation with a legitimate organisation. If in doubt, type the link directly into your browser address bar.
Please note that Etiqa will not request customer to unlock or change password via SMS. Please call Customer Care at +65 6887 8777 or submit a form at https://www.etiqa.com.sg/contact/ if you are in doubt.