Follow us on Telegram for the latest updates: https://t.me/mothershipsg
The Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) are introducing a new set of measures to improve the security of digital banking, in light of recent SMS phishing scams, such as the December OCBC scams that saw 469 victims lose a collective S$8.5 million.
Among the new measures, banks will no longer be allowed to send clickable links in emails or SMSes to retail customers and must have a mandatory cooling-off period whenever key account changes are made.
MAS said in its statement on Jan. 19 that it expects all financial institutions to have in place “robust measures” to prevent and detect scams, and specified “effective incident handling and customer service in the event of a scam”.
MAS said the recent spate of phishing scams necessitates “immediate steps” to strengthen controls.
They are also evaluating “longer-term preventative measures” in the coming months.
No more clickable links, 12-hour delay for soft token activation
MAS will work with banks in Singapore to put in place the following measures within the next two weeks:
- Removal of clickable links in emails or SMSes sent to retail customers
- Threshold for funds transfer transaction notifications to customers to be set by default at S$100 or lower
- Delay of at least 12 hours before activation of a new soft token on a mobile device
- Notification to existing mobile number or email registered with the bank…
