Huge increase in unauthorised online banking and card transactions last year

The number of unauthorised online banking and card transactions jumped sharply last year amid the Covid-19 pandemic.

There were 1,848 police reports of such transactions - a massive jump from the 329 in 2019. The transactions involved criminals phishing for banking and card details from victims.

There were just 114 incidents in 2018, said Transport Minister Ong Ye Kung, a Monetary Authority of Singapore (MAS) board member, on Tuesday.

He was speaking in Parliament on behalf of Senior Minister Tharman Shanmugaratnam, Minister-in-charge of MAS.

The update comes after the police said earlier this month that the number of actual scams also hit a high, rising 65.1 per cent from 2019, with fraudsters swiping around $201 million.

E-commerce scams, the most commonly reported type last year, rose 19.1 per cent from 2019 to 3,354 cases, partly due to the increase in online transactions amid the pandemic.

While banks must implement controls such as multi-factor authentication using one-time passwords (OTPs), these measures cannot eliminate all scams. Many victims were tricked into revealing their user IDs, passwords, OTPs or credit card details, said Mr Ong.

Financial institutions will never ask customers for their log-in information such as OTPs.

Mr Ong noted that some account holders have recently reported that online transactions have been made through their accounts even though they did not receive any SMS OTPs or reveal OTPs to other people. The police and banks are investigating these cases.


"As a precaution, the banks have put in place additional measures such as rejecting card payments made to some commonly disputed merchants, or placing limits on the transaction amounts that customers can transact with such merchants," said Mr Ong.

A person who suspects an unauthorised online transaction should make a police report and contact the bank immediately. The customer will not bear any financial loss even if the unauthorised transaction was due to lapses by the bank or non-compliance with MAS rules.

This is provided the customer has "practised proper cyber hygiene and has not been negligent", said Mr Ong.

His remarks were in response to a parliamentary question by Dr Tan Wu Meng (Jurong GRC) on unauthorised online bank transactions. - THE STRAITS TIMES