fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

The IMDA urges more businesses to sign up in its anti-SMS spoofing registry

Anti-SMS spoofing registry
IMDA’s anti-SMS spoofing registry is up and running, and it urges businesses to sign up

IMDA urges more businesses to sign up upon the launch of its anti-SMS spoofing registry

The Infocomm Media Development Authority (IMDA) has urged more businesses to participate in a government trial program that was launched in August 2021 to allow organizations to register SMS sender IDs that they want to safeguard.

According to IMDA in a letter published in The Straits Times ForumSMS on January 17, 2022, communications will be stopped if the protected sender IDs are used in an unauthorized manner. It went on to say that some banks had already signed up for the registration, but it didn’t say which ones or when they did so.

OCBC Bank, whose clients have been subjected to various SMS frauds from smishing, has indicated that it will take part in the pilot scheme. However, it did not specify when it signed up.

Also Read: What is Smishing? How Can We Prevent It? Explained.

IMDA's anti-sms spoofing registry is up and running
With smishing campaigns on the rise, the anti-SMS spoofing registry is a timely initiative by the IMDA

Smishing, defined

Smishing is a type of phishing in which mobile phones are used as an attack platform. The perpetrator conducts the assault to obtain personal information, such as social security and/or credit card numbers. Smishing is carried out by text messages or SMS, hence the name “SMiShing.”

Smishing attacks make use of SMS, or short messaging service, which is more generally known as text messages. This type of assault has grown in popularity because consumers are more inclined to believe a message provided through a messaging app on their phone than a message delivered via email.

Although many victims do not associate phishing scams with personal text messages, the truth is that threat actors are more likely to find your phone number than your email address.

According to cybersecurity experts, all organisations in Singapore should adopt anti-SMS spoofing measures.

Sharp rise in phone scams impersonating OCBC

OCBC Bank has warned clients and the general public to be on the watch following several surges in phone frauds mimicking the bank. In OCBC’s media statement on July 18, 2021, the bank stated that it got 1,081 calls about the subject from customers and the general public between July 1 and July 17, 2021, compared to 16 for the entire month of April.

According to OCBC, a phone scam often begins with an individual receiving an automated voice call that requests a response. It was reported that these calls impersonated delivery businesses and banks.

Following the instruction to enter a number, the individual would be transferred to a Mandarin-speaking individual with a non-local accent. This person would then ask for the individual’s personal or banking information, including their account number and contact details.

A recent news came out to say that anti-SMS spoofing registry is still not a cure-all for setting banks’ liability for funds lost to scams.

At least S$8.5 million was lost in December to phishing scams involving OCBC Bank

On December 30, 2021, the Singapore Police Force (SPF) reported that at least S$8.5 million was lost in phishing scams employing SMSes spoofing OCBC Bank. According to a police press release, at least 469 people have fallen victim to such scams since December 1, with the majority of the money lost in the last two weeks.

According to SPF, victims received unsolicited SMSs alleging that there were problems with their banking accounts and instructing them to click on a link to rectify the problem.

After clicking, victims will be routed to bogus bank websites and prompted to provide their banking account login information. They’d realize they’d been duped when they received warnings about unauthorized transactions charged to their bank accounts.

According to the police, it is “challenging and difficult” to recover the funds once they have been “fraudulently transferred out of the victim’s bank account.” It added that the “OCBC Bank has warned its customers about the phishing SMSes using several different channels including its online banking platforms, a social media page, and media advisory.” 

The general public is urged not to click on “dubious” URL links contained in unsolicited SMS messages. According to SPF, OCBC will not deliver SMS messages containing Bitly URLs.

Also Read: PDPA compliance for Singapore schools

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us