Security News > 2022 > January > Singapore gives banks two-week deadline to fix SMS security

Singapore gives banks two-week deadline to fix SMS security
2022-01-20 06:01

A widespread phishing operation targeting Southeast Asia's second-largest bank - Oversea-Chinese Banking Corporation - has prompted the Monetary Authority of Singapore to introduce regulations for internet banking that include use of an SMS Sender ID registry.

Singapore banks have two weeks to remove clickable links in text messages or e-mails sent to retail customers.

"The growing threat of online phishing scams calls for immediate steps to strengthen controls, while longer-term preventive measures are being evaluated for implementation in the coming months," MAS and the Association of Banks in Singapore revealed in a joint statement on Wednesday.

The central banking authority also promised to increase "Scrutiny of major financial institutions' fraud surveillance mechanisms" to make sure they can deal the recent influx of new scams.

Emails from the bank to customers revealed the payments came after a full investigation, and the bank promised to contact the victims by January 27.

Overall, MAS warns that the more stringent measures it is implementing will "Lengthen the time taken for certain online banking transactions but will provide an additional layer of security to protect customers' funds".


News URL

https://go.theregister.com/feed/www.theregister.com/2022/01/20/singapores_monetary_authority_requires_banks/