Monetary Auth of Singapore
How a scammer steals from a bank account
Many people are quite illogical. They are fearful of scams but they do not pay attention to how the scams are carried out. They spread fear and advised people wrongly, due to their ignorance.
The scammer cannot steal your money from the following:
a) knowing your email address
b) when you ordered food with a QR code
To access your bank account and steal your money, the scammer needs to know your account login credentials (i.e. your sign in code and password). Most people have set up a 2FA, so the scammer need to have your physical phone (to generate a 2FA token) or to receive a one time PIN sent by your bank.
This is how a few recent scams worked.
The scammer sent an email to the customer purporting to come from the bank. This email contain a link to a fake website that looked like the bank's website.
The customer (who does not suspect the scam) clicked on the link to enter the login credentials (code and password). The scammer uses the credentials to access the real website of the bank. The bank sends a PIN to the customer.
The customer enters the PIN into the fake website. The scammer now has the PIN which they can access the real website.
I have set up a 2FA using the bank's digital token. My bank does not send a PIN. The scammer needs to have my physical phone to access the digital token. But, my phone is protected by my fingerprint (which the scammer does not have).
The chance of a scammer accessing my bank account is extremely low. It may happen, but most likely it will not.
I encourage people to take the trouble to learn how how a scammer carries out the scam, rather than have a blind fear and spread fear through ignorance.
Tan Kin Lian
Add Comment
awareness and being savvy good enough to fend off any scam tactics.
farni  21 Jun 2023