You might get a call from someone claiming to be from a legitimate organisation informing you that you have won a lucky draw, but to claim the prize you have to give them your passport details or other information. This is likely a phishing scam as legitimate organisations would usually notify you via written means such as email and an official letter in addition to a phone call. If you have any doubt, call the organisation directly to verify with them.

Another phishing scam uses fake websites that look identical to the actual websites but with a very slightly different web address. If you input your personal details and PIN numbers into these websites, your information and money are at risk.

Or, in a parcel phone scam, you might get a call from someone claiming that your personal particulars have been used to send illicit parcels. You might be transferred to someone else claiming to be a customs or police officer, who then demands your personal particulars – including your bank account details and passport number.


  • Look out for fake emails by checking the 'from' email address, and look out for spelling or grammar mistakes as this might be the sign of a scam
  • Be wary of official-looking emails that do not address you by name; if they are generic, they are likely spam emails sent out en mass


  • You should never give out important personal information such as passport details or bank account numbers to strangers over the phone
  • Never disclose PIN numbers, user account IDs, passwords, or credit card details over email
  • Delete suspicious emails, and ignore phone calls from people making strange claims about the use of your name
  • Be aware that no email service provider, bank, financial institution or website administrator would email customers to verify or to ask for their user account information, password or PIN
  • Hover your mouse over suspicious link to check the destination address.  If the address does not lead you to a website which you are expecting, it is likely to be a phishing attack;
  • Do not provide sensitive personal information into pop-up windows from emails or websites;
  • Never feel pressured to give up personal information online;
  • Do not download files or open attachments in emails from unfamiliar senders; 
  • Protect your computer or device with a firewall, spam filters and up-to-date anti-virus software
  • Look for the secure symbol at the URL. Secure websites use 'https:' rather than 'http:' at the start of the internet address, or a closed padlock or unbroken key icon at the bottom right corner of your browser window. Legitimate websites are generally encrypted to protect your details

Source: Scam Alert Singapore