You might get a call from someone claiming to be from a legitimate organisation informing you that you have won a lucky draw, but to claim the prize you have to give them your passport details or other information. This is likely a phishing scam as legitimate organisations would usually notify you via written means such as email and an official letter in addition to a phone call. If you have any doubt, call the organisation directly to verify with them.
Another phishing scam uses fake websites that look identical to the actual websites but with a very slightly different web address. If you input your personal details and PIN numbers into these websites, your information and money are at risk.
Or, in a parcel phone scam, you might get a call from someone claiming that your personal particulars have been used to send illicit parcels. You might be transferred to someone else claiming to be a customs or police officer, who then demands your personal particulars – including your bank account details and passport number.
WHAT TO LOOK OUT FOR
- Look out for fake emails by checking the 'from' email address, and look out for spelling or grammar mistakes as this might be the sign of a scam
- Be wary of official-looking emails that do not address you by name; if they are generic, they are likely spam emails sent out en mass
HOW TO PROTECT YOURSELF
- You should never give out important personal information such as passport details or bank account numbers to strangers over the phone
- Never disclose PIN numbers, user account IDs, passwords, or credit card details over email
- Delete suspicious emails, and ignore phone calls from people making strange claims about the use of your name
- Be aware that no email service provider, bank, financial institution or website administrator would email customers to verify or to ask for their user account information, password or PIN
- Hover your mouse over suspicious link to check the destination address. If the address does not lead you to a website which you are expecting, it is likely to be a phishing attack;
- Do not provide sensitive personal information into pop-up windows from emails or websites;
- Never feel pressured to give up personal information online;
- Do not download files or open attachments in emails from unfamiliar senders;
- Protect your computer or device with a firewall, spam filters and up-to-date anti-virus software
- Look for the secure symbol at the URL. Secure websites use 'https:' rather than 'http:' at the start of the internet address, or a closed padlock or unbroken key icon at the bottom right corner of your browser window. Legitimate websites are generally encrypted to protect your details
Source: Scam Alert Singapore