Jul 18, 2013

    Act fast if you're scammed online

    WHEN marketing executive Mabel Tan received three text messages from her bank, DBS Bank, last Wednesday morning, she was bewildered.

    The text messages showed her three one-time passwords (OTPs) - usually sent by banks to authorise secure e-commerce transactions.

    "I hadn't made any such transactions," said Ms Tan, 24.

    Suspecting that her card details and account may have been compromised, she called the bank and found out that a total of eight overseas transactions - ranging from $1 to $108.67 - had been made on her account.

    The total amount deducted from her savings account was $130.24. Her debit card was immediately blocked by the bank and a new one issued.

    Ms Tan's experience is among four online-debit-fraud cases involving POSB or DBS accounts that My Paper was made aware of recently.

    My Paper understands that, in such cases, customers are generally not liable for confirmed unauthorised transactions and the amount will be credited to them once the bank's investigation is completed. This typically takes about two weeks.

    According to a global survey conducted last year by financial-consulting firm Aite Group, 26 per cent of Singapore respondents had experienced some form of card fraud in the past five years.

    Responding to queries, a DBS spokesman said the cases are "isolated". The spokesman added that measures are in place to protect cardholders from unauthorised transactions, such as the monitoring of transactions in real time to spot "unusual or suspicious" ones.

    An OTP is sent only when a purchase is made at secure sites to authenticate online transactions.

    Security expert Assurity Trusted Solutions' chief operating officer, Mr Chai Chin Loon, said the two-factor authentication involving the OTP is a best practice adopted by online-banking, securities-trading, insurance and shopping services.

    The use of Assurity Trusted Solutions' OneKey security token, for example, can provide an additional layer of security.

    Mr Chai said: "We also recommend subscribing to SMS alerts for your online-banking, securities-trading and other important accounts.

    "SMS is a useful means of alerting you to fraudulent transactions."

    DBS urges cardholders to remain vigilant against card fraud by ensuring that they shop at reputable online stores with such secure-transaction capabilities.

    The spokesman said: "In the event that a customer is a victim of fraudulent credit-card transactions and has notified the bank promptly, he will be compensated for confirmed unauthorised transactions."

    DBS customers who suspect any suspicious activity involving their cards should contact the bank immediately on 1800-111-1111.