There’s been a recent surge in phishing scams where scammers are impersonating IRAS and targeting people through SMSes, according to the Singapore Police Force.
SMSes look like those in the images above, urgently asking people for payment by clicking on a bit.ly link. These fake websites look like an IRAS website, and people are asked to enter their Singpass ID and password, followed by their internet banking details and One-Time Passwords (OTPs) received on their phones. With your banking information, scammers can very quickly start making unauthorised transactions from your bank account.
Please be vigilant and take note of the following when you receive SMSes 📩:
- IRAS does not send SMSes with links asking you for your personal information, passwords, or bank details.
- Verify such SMSes with the official IRAS website, https://www.iras.gov.sg
- Log-ins to Government services are only done through links that end with “.gov.sg”. Bit.ly links are not official and are likely to be scams.
- When in doubt, always check against the list of trusted websites at https://www.gov.sg/trusted-sites
- Never disclose your personal or banking details and OTPs to anyone.
• Report suspicious transactions to your bank immediately.