Helping you bank safely and securely, our No.1 priority
This scam usually sees targets being contacted by someone claiming to be a member of a legitimate business, bank, or local government official. The scammer will ask them to reveal personal details to resolve a supposedly urgent issue, with the intent of stealing those details to commit fraud.
They might threaten their targets, demanding that funds be transferred to them.
The approach:



Pretend to be someone they are not
Scammers prey on people’s fears and have been found to impersonate bank staff, Singapore civil servants (including police officers, court officials and staff of the Ministry of Health), and overseas government officials.

Make unsolicited approaches
They will contact their targets – unsolicited – via phone, email, SMS or other messaging apps. They will ask for personal details, bank account details, digital banking login credentials, One-Time Passwords (OTPs) and more.
The fraud:

Use urgency and fear to demand action
They will use scare tactics to get their targets to act quickly. These may include:
- Claiming that a bill is overdue and that it must be paid immediately to avoid a court summons.
- Claiming their target has committed an offence and that he/she must confirm their personal, banking or Singpass details for the ‘case’ to be processed and/or before they can reveal further information.
- Claiming that there is an issue with the target’s bank account (or other accounts where financial details are stored) and that their account/funds are frozen or at risk of being compromised – unless the target gives them their details and/or grants them access.
- Threatening their targets by saying that they will escalate the matter if the victim does not cooperate.

Pretend to be there to help the target
On the pretext of resolving the issue, the scammers may ask their target to provide their digital banking login credentials, credit/debit card details and/or OTPs – this will allow them to make fraudulent transactions and/or electronically set up GIRO arrangements to get funds without the target’s authorisation.
Under the guise of foreign police or government officials who are supposedly investigating offences in Singapore or overseas, the scammers may ask their target to apply for an Internet banking service or reveal their login credentials. This will allow them to take control of their target’s banking account(s) and move the target’s funds to their own (sometimes untraceable) accounts.
On the pretext that they need the target to verify their identity, the scammers may ask the target to scan a Singpass QR code placed on a phishing site – enabling them to steal the target’s personal details to commit a variety of fraudulent and criminal activities.


-
Be sceptical
Impersonation scams usually start from unsolicited calls or requests.
Do not trust lofty promises, deals that seem too good to be true, or individuals who call or message you – unsolicited – to ask you to divulge personal information over the phone. -
Do not give in to pressure
Never make financial decisions, give away sensitive details about yourself or anyone you know or sign any documents under pressure. -
Ignore, block and report
When contacted, hang up immediately if the caller cannot properly identify themselves.
Do not call any numbers or click on any links in SMSes that claim to be from OCBC. OCBC will never send you SMSes or emails with clickable URLs. Block and report the number used to contact you. -
Do your checks
Always verify the authenticity of the information shared with you, or requests made to you, by contacting the organisation directly (e.g. at their website or email address, or via their app or hotline).
To ensure you are on the correct website, personally enter the URL of the organisation’s website that you intend to visit into your browser’s address bar. View a list of OCBC’s official contact and banking channels.
If in doubt, seek a second opinion from someone you trust. -
Be alert
Enable transaction alerts for your bank accounts and credit cards. Learn more about transaction alerts from OCBC, discover how to set up transaction alerts for card and deposit transactions via the OCBC Digital app, and select your preferred notification channels and threshold limits.
To ensure you receive OCBC alerts and notifications, let us know immediately if you change your mobile number or email address. Learn how to update your contact details.
Always read your bank notifications carefully and notify us immediately if any transactions shown are not made by you. -
Keep your accounts secure
Do not key your personal information and banking details into unverified webpages.
Stay vigilant and never give out your Online Banking login credentials (i.e. Access Code and PIN), card details or One-Time Password (OTP) to anyone, including people claiming to be from OCBC. OCBC employees will never ask you to reveal your PIN/OTP or transfer funds to personal accounts.
Log in to OCBC Internet Banking by typing out www.ocbc.com directly into your browser, or via the OCBC Digital app to make sure that your log in is secure. If you suspect that your account has been compromised, call us at 1800 363 3333 (or +65 6363 3333 if you are overseas). -
Protect your money
Do not send money to someone whom you have not met.
Be responsible for all banking transactions involving your account and do not allow others to perform transactions on your behalf. You may be unknowingly laundering money for criminals – this is a criminal offense that carries hefty fines and prison time.
Never authorise a transaction or login unless you know its purpose.
Set daily transaction limits for payments and transfers according to your preference via OCBC Internet Banking or the OCBC Digital app. -
Take precautions
Enable two-factor authentication (2FA) for each of your online accounts for services such as email, social media, and online shopping, to list a few. This provides your accounts and personal data with an additional layer of protection.
Be wary of any calls with the ‘+65’ prefix and of international calls with the ‘+’ prefix where the caller claims to be from a legitimate business, government, or organisation such as your bank, especially if you are not expecting an international call. When in doubt, verify the identity of the person(s) and the organisation(s) by calling their hotline numbers.
The +65 prefix was implemented by Singapore’s Ministry of Communication and Information with telcos in 2020. The purpose is to alert the public that these are calls coming from overseas and that the public should not pick up such calls if they are not expecting anyone calling from overseas. -
Keep yourself up to date
Visit the National Crime Prevention Council’s ScamAlert SG website to learn – and take a short quiz – about the latest scams and how to avoid being a victim.