Thank you for making this video and create awareness to everyone on phishing links.

OCBC has a responsibility. It has been reported that as customers suspected the scams and tried calling the OCBC hotline...it was almost unreachable ...and eventually when the callers got thru, the person on the hotline was reportedly unsympathetic. Callers suspecting scams should be able to reach OCBC staff immediately and not made to listen to all the time-wasting options and then made to hold. In these urgent cases, time is of the essence.

Thank you Josh, for your invaluable sharing!

On a side note, what comes as unsurprising & has been confirmed through this whole saga is that many people are sitting on huge sum of money in the bank. They choose not to invest, divest or whatever. Maybe they just want to see the huge amount in their bank accounts to feel secured.

Wow that is insane! The decentraland ads are just... sick...

How did scammers get the telephone numbers in the first place? Sms from banks can be diverted, that's scary. Ocbc bank is a victim too.

Now after we listen to this, we don’t think we are safe from scammers! Because they also listen to this and evolve to get even smarter to go a few steps ahead!! 😞

I think banks should let us specify our fund transfers shall be limited to local transfers only i.e. oversea transfers are permanently disabled or better still, the function is made not available at all. We can always identify the transferee (or the scammer) in a local transfer. Occasional oversea fund transfers could be done by the old fashion filling up a form and paying the banker a fee for a wire-transfer. Another alternative is for the banks to provide non-online bank account to keep our larger sum of money away out of reach; and then provide us another bank account to keep a limited sum on free flow online. I like your suggestion about some amount of money kept in asset forms such as bonds so that it is out of reach of scammers.

Why can't the banks who created the apps have an emergency Abort transaction button on the banking app. Or reverse transaction or cancel transaction button on the apps. Why is it only one way ? This is the question I hope the banks can answer to all online banking users. Are we not allowed to have a ABORT transaction button we can activate without waiting for a call through to a customer service worker that we have to press, press, hold , select , wait, wait , hold ,hold, . Where is our Abort button.

I always disagree with the replacement of physical tokens with soft tokens. I feel insecure with everything installed on my mobile phone. The hacker can easily take control of our soft token once he has our login credentials. I am still using the hard tokens, except for DBS which there is no option given.

The weakness link is always the people. The best protection is to educate ourselves and exercise vigilance.

Great vid for awareness. Not sure if you know, Kevin (fellow Singaporean) also did a vid from a programmer's perspective on how these scammers do their thing.

Excellent video. I guess the devil is in the details. A single letter difference in the URL can mean a totally different webpage.

If I received this kind of SMS on suspension of my account or card, first thing I would do, call the bank first to find out why & at the same time, log into my account to check if the account is in order. If any SMS telling me good offer of any amount, so long as the organization is in SF, call them to find out. When calling, never use the number provided in the message, get the official number, it's at the back of your ATM or Credit Card, can't be wrong!

Good, next time anyone got scammed can ask for compensate of full sum. MAS just set the rule already. They better compensate if not unfair to potential victims next time.

This is to share with everyone a story about my son Wong trying to open an OCBC savings account in 2012. He was rejected by the Bedok branch staff, saying his name is similar to a Taiwanese criminal. This is despite the fact he had an account with them when he was a kid. My son was so humiliated that he swore off OCBC products even since. You offend people for life = OCBC. Bad, insulting and sometimes NO service.

Agree. Just park essential cash for daily needs. Invest the rest. Won’t get cashed out so quickly

Just wonder $8.5m end of the day how the scammer draw out the money from which country and bank?

Google, fb even steam have advance security features, like trusted device, oversealogin alert, proper 2fa that works. I think local banks have been very complacent and did not keep up with latest trends in security. So it's the bank fault for not protecting customers savings. Is there a simple option of disable oversea transfer?

Kudos man for sharing. Keep up the solid work.

Sg is the most efficient n safest country in the world? Crime do not always mean violence. In fact this is an eye opener. The lost can be enormous. It is so safe as claimed?

I like what you mentioned why ppl have so much cash in their bank accounts

All victims must group together n made a police report n hold the persons /banks responsible for transferring the money to known or unknown accounts.

Josh, i hope thur ur channel ppl is clearer and have better understanding phishing not speculate which entity or bank is good or bad.

Hope Q4 dividend payout next mth not affected. Hope clients don't click on the hyperlink on the sms . Just ignore it . At most , bank will call if a/c got issue. $8.5M can buy many OCBC shares, leh.

Hi Josh, some of us hold a trading platform On IOCBC. What will happen if the trading platform is affected. Will there be a trading account freeze? How do we navigate around this

I never liked ocbc ... closed account a few years ago and never looked back.

What to do even employees of bank also get charges?

Your videos are all very useful and I learned a lot from them.

Keep up yr invaluable advice

Here's what I do; park most of my money with a foreign bank instead of local banks. Scammers target local banks for volume. Targeting foreign banks happens less often. I'm Malaysian, so most of my money is in OCBC Malaysia.

But assets , depending on volatility and other factors, can be just as risky. You can lose your principal as well.

come on. never put all ur money or assets in one bank. I have equal distribution of assets in hard wallets, brokerage accounts and different banks. Basic risk mgmt.

Hyflux bond and shareholders must be very angry now :)

The bank has to take full responsibilities, how come its system is not strong.

Thank you Josh. Very helpful.

Excellent sharing! Thanks Josh

No to online banking.

Negligence rather than carelessness...

Such heartless scammers! Like in the movie : Final Destination >>> Nobody can runaway from The Universal Laws of Karma! 🕯

Nowsaday I don't care real or fake sms. As long as asking my bank details through online or sms, I delete it.

choose DBS or UOB and don't choose the lousy Ohsee ! Ohsee in cantonese mean pang sai BC Ohsee pun busy....

Terrible OCBC 500 customers bank account becomes zero, out going no control measures like above certain amt as pending in hold mode until confirm clearance from a/c holder this was done in the past why not now, also strict measures if incoming fund as KYC check as source of fund and all transaction address can be traced why no action taken for other bsnks snd scammers. Apparently, bank staff are all sleeping on the job.

Hi Josh, my colleagues was advised by AIA agent to convert his whole life policy to an annunity. How does this work? Also it is worth doing so?

Time for telcos to review their security seriously to stop all these spams call/SMS from the source

Smart is enough Don't act smart Don't apply online banking

Does it make a difference where is the OCBC? Singapore or Hong Kong or somewhere else.

I don't click any link in SMS or email, always type in the web address or use the saved link in my bookmark.

Probably needs to buy heavy duty safe and put at home. Safer, after all the deposit bank rates so low.

Thank you for the sharing !

Correction: The reasons they called... ........was to connect...

Internet is too vulnerable. At this juncture, may be the govt should slow down on encouraging internet transaction a bit. Presently, most scammed are the younger gen cos they thot nothing shld go wrong as this type of msg received is rather common. Once the older gen are encouraged and mastered internet skills, more scamming were to happen.

Great content.

Deploy into different places. Adopt a distributed architecture.

Correction :Recently they called again..... to siphon .....

Thanks for sharing

Digital banking/currency is risky! Ban SMS or spoofed SMS at least.

After thinking through, it is not exactly the people who are scammed but simply the bank not having enough safeguards and allowing anyone to hack the password to take someone's entire savings. The bank should be responsible as long as the people who got 'scammed' can prove that the withdrawn money did not go into their pockets. The bank with their vast amount of resources should be able to track the money, or even send agents down to retrive it from the scammers. If no money, at least beat their scammer ass till they cry for mother.

If you dealt with banks before, you know how hard is it to get them to pay you back in disputes. OCBC has been making goodwill payments to customers according to ST. To me, this is a tell-tale sign of guilt. They probably realised they had a "oopsy" somewhere, just undisclosed. Also, on the victims' part, many of the victims did not disclose whether they actually input their login credentials and OTP (2:52, for example was silent on this), this would have helped banks (not just OCBC) to narrow down the possible scenarios of what had happened as soon as possible and address the gap, if any. Precious time and resources would have been wasted when bank ops team got led on a goose chase by victims who are only upfront about losing their money but not exactly how.

When I received call from oversea numbers, normally I would just ignore. I won't bother to answer it. Later that scammer sent whatsapp to me, said my parcel was at the post office bla bla bla...I immediately deleted it. Must be always alert. Always think is a scammer even though is not scammer. Safer like this. Hahaha..

If you must use word like phishing, explain it in lay person's words.

All SG banks has been saying for years they will never ask for our personal details in SMS. I thought Singaporeans very good at following instructions ones? Or maybe we r wrong ..... only from bank then do not follow.... sianzzzz.

What about the developers of these websites of these banks. They know the codes. Can the security be compromised by the carelessness or otherwise of these developers ?

That's why I don't have online banking.

did OCBC say they will pay for all losses of all customers?

Singaporean are rich lots of money just don't bother the phone itchy hand to press no one can scams you la

i have already retired. bank less than 10k, all invested. safer to put money invest.

Insider job colluding scammers

examine the URL is not good enough. There are other font types that closely resemble the alphabetic and number character set. This is the scary part.

Oh yeah one more thing. Those of my friends who kena malware on their HP because they watch porn of their HP. The porn sites have the most malwares.

OCBC going to pay for all the losses of the scam victims, is it "TRUE" ?

if we bring back hard token, would it mitigate this kind of phising smses?

The public need security awareness training and threat intelligence. Government should setup an agency to improve it. When technology evolves, there is a need to know the risk vs benefits. Let hope govt will do something about it.

Tks God Ocbc pay back

Why only ocbc?

Were the culprits caught by the highly efficient Singapore police ,I wonder?

wow..

I don't like the idea of solely relying on the mobile phone for everything. I think the older way was more secure. Please go back to the physical token.

who are the scammers ?? i bet a lot from india ... ,african area ...

Temasek Bank Safe

I will share your video on facebook. It is really good and needs to be disseminated

If banks can be so hard hit, it's worrying. Actually OCBC is not the only one. I believe UOB had a similar issue as well. About 3 years ago, Singapore's largest medical institution Singhealth had a data breach where patients' confidential info was stolen by hackers. It was revealed that the IT guy was not even trained to handle cyber security matters. It's unthinkable such things can so easily happen in a country like Singapore where we think highly of ourselves as a "high tech, 1st world country". I doubt it now. Who are the IT people? Did the organisations employ cheap labour from overseas to handle IT security matters?