In response to the rising number of SMS phishing scams targeting bank customers, Singapore’s financial authorities are mandating stricter security measures for digital banking. The Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) announced on January 19 that banks must implement additional safeguards within the next two weeks.

Key measures include the removal of clickable links from SMS and email communications sent to retail customers. Other security enhancements include a delay of at least 12 hours for the activation of new soft tokens on mobile devices, notifications to customers’ registered phone numbers or emails when contact details are changed, and priority assistance teams to handle fraud-related inquiries.

To further protect users, the default threshold for transaction notifications will be set at $100, and customers will receive more frequent alerts about potential scams. Additionally, a cooling-off period will be introduced before key account changes take effect.

These steps come after OCBC Bank pledged to fully reimburse victims of SMS phishing scams, and as other banks and government bodies, including the Singapore Police Force and the Supreme Court, issued similar warnings.

MAS and ABS emphasized that while these new protocols will extend the time for certain online banking activities, they are necessary to bolster security and safeguard customers’ funds. Longer-term preventive measures are also being explored for implementation in the coming months.