OCBC has a range of anti-scam security measures such as the ability for customers to adjust their account-to-account and overseas funds transfer limits for online banking - even deactivating funds transfers completely by setting their transfer limit to $0 - as well as sending transaction notifications to customers’ existing mobile number or email address registered with the bank whenever there is a request to change their mobile number or email address. We have never sent SMSes with links regarding banking transactions. With the recent spate of scams, we have further enhanced security measures, including the ones introduced in the recent ABS and MAS announcement in response to the SMS phishing scams targeting bank customers.

Since 11 January 2022, we have removed clickable links in marketing emails or SMSes. On 14 January 2022, we reduced the default funds transfer daily limit for PayNow from $5,000 to $1,000, and customers are able to adjust it to their needs, to a minimum of $100. The amount allowed to be transferred per transaction is also reduced from the default of S$1,000 to S$200.

Our transaction notifications for funds transfers and payments for PayNow and FAST transfers are now put at S$0.01 today.

On 31 December 2021, we implemented a 24-hour cooling off period for digital token provisioning. By 31 Jan 2022, we will also have a 24-hour cooling off period for key account changes.

To assist customers who had fallen prey to the SMS phishing scam impersonating OCBC, we set up a dedicated customer service care team to handle customer queries and reports on fraud. This team has now been made permanent. Our OCBC hotline (1800 363 3333) now contains a dedicated option for customers to escalate reports of suspected scams.

We will continue in our ongoing efforts to educate and inform customers about scams through multiple channels such as our social media channels, email, SMS, and on our website and mobile banking login pages. We would like to again remind consumers to be alert, protect their bank account login credentials, and to only perform banking transactions through the Bank’s official website and mobile banking apps.