SINGAPORE – OCBC Bank has introduced a slew of new security measures, including sending instant fund transfer alerts to customers even when one cent is transacted.
It has also reduced the default daily limit for PayNow transactions from $5,000 to $1,000, the bank said in a statement on Friday (Jan 21).
Customers are able to adjust the daily limit for PayNow transactions to their needs, to a minimum of $100. The amount allowed to be transferred per transaction has also been reduced from the default of $1,000 to $200.
These measures follow a spate of SMS phishing scams which saw nearly 470 customers lose $8.5 million last month.
The bank had removed clickable links in marketing e-mails and SMS messages since Jan 11.
On Dec 31 last year, the bank also implemented a 24-hour cooling off period for digital token provisioning.
It added that it will implement the same 24-hour cooling off period for key account changes by Jan 31.
A dedicated customer service care team to handle customer queries and reports on fraud was also set up to assist customers who had fallen prey to the SMS phishing scams impersonating OCBC.
“This team has now been made permanent,” the bank said on Friday.
“Our OCBC hotline (1800-363-3333) now contains a dedicated option for customers to escalate reports of suspected scams.”
The bank added that it will continue its ongoing efforts to educate and inform customers about scams through its social media channels, e-mail, SMS, and on its website and mobile banking log in pages.
“We would like to again remind consumers to be alert, protect their bank account login credentials, and to only perform banking transactions through the bank’s official website and mobile banking apps.”
The new measures are in line with an announcement by the Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) on Wednesday, stating that all banks here will implement additional measures within the next two weeks.
The MAS and ABS had called for a default threshold of $100 or lower for funds transfer transaction notifications and having a delay of at least 12 hours before the activation of a new digital token on a mobile device.
These immediate steps are needed to combat the growing threat of online phishing scams, the MAS and ABS had said, and longer-term preventive measures are being evaluated for implementation in the coming months.