What To Do If You Gave Your Personal Information To A Phishing Scam

Falling victim to a phishing scam can be distressing, but acting quickly can help minimize the damage.

Quick Actions to Take Now

Change Passwords

Update all affected accounts immediately with strong passwords

Contact Your Bank

Call your bank's fraud hotline to freeze accounts if necessary

Report the Scam

File a police report and notify relevant authorities

Recovery Steps at a Glance

Steps to take after falling for a phishing scam

1Introduction

Accidentally click on a phishing link and enter your details? You're not alone. Millions of people around the world fall for such phishing tactics. However, it is important to know what to do next to prevent any further loss or identity theft.

If you have accidentally provided personal information—such as your banking details, one-time passwords (OTPs), or personal identification numbers—to a phishing scam in Singapore, here's what you should do immediately.

2What are Phishing Scams?

Phishing scams involve online scammers tricking people into revealing sensitive information such as passwords, usernames and/or banking credentials through fraudulent emails, text messages, or phone calls. These scams are often disguised as legitimate communications from official channels like banks, government agencies, or well-known companies in Singapore.

How Is Phishing Done?

Phishing can take various forms, including:

  • Email phishing: Fake emails pretending to be from organisations like Singtel, IRAS, or Singapore Customs.
  • Smishing: Fraudulent SMS messages, such as the SingPost scam SMS or parcel delivery scam messages.
  • Vishing: Phone calls impersonating authorities or financial institutions to extract personal data.
  • Spoofed websites: Fake login pages resembling real ones to steal passwords and OTPs.
  • Business Email Compromise: Scammers impersonate executives or vendors via fraudulent emails to trick employees into sending money or data.

3What are the risks of sharing personal information to a phishing scam?

Identity Theft

Scammers may use your personal information to impersonate you. They may apply for loans, credit cards or commit fraud. This leads to legal trouble and financial damage.

Financial Loss

After tricking victims into entering their banking credentials or one-time passwords (OTPs), scammers steal money directly from their accounts. Some fraudsters even sign up the victims into fake subscriptions, leading to continuous financial damage.

Data Breaches

Scammers may sell your stolen identity on the dark web. These can lead to more problems with spam calls, identity theft, and other cyber threats. Larger-scale companies may also face legal issues from data breaches.

4What to Do Immediately After Falling For A Phishing Scam

1
Stop and Assess the Situation
  • Pause and identify what was shared with the scammer e.g. passwords, bank details, emails
  • Write down details of the incident. Note down important details e.g. date, time, website link, scammer's details. This can help assist in the recovery of information.
2
Secure Your Accounts
  • Update your passwords for all affected accounts, especially banking, email, and social media.
  • Use strong, unique passwords with two-factor authentication (2FA) whenever possible.
  • Run an antivirus scan to check for malware that may have been installed.
  • Remove any suspicious apps or software.
3
Contact Your Bank

It is important to act fast to limit the loss of money.

  • Call your bank's official hotline to report the incident and freeze your account if necessary.
  • Monitor transactions for any unauthorised withdrawals.
  • In Singapore, major banks like DBS, OCBC, and UOB have dedicated fraud hotlines. Find your bank's anti-scam hotline and call immediately.
4
Alert the Relevant Authorities
  • Singapore Police Force (SPF): File a report online via the SPF e-Services website or visit the nearest Neighbourhood Police Centre (NPC).
  • ScamShield: Report the scam on the ScamShield website or download the ScamShield app to block scam messages and calls.
  • Monetary Authority of Singapore (MAS): If your financial data is compromised, visit the MAS website for guidelines.
  • Scam.SG: If there were no losses, report it to us to help others learn from the incident.

Who to Contact?

  • Bank Phishing Scam: Contact your bank's fraud department.
  • E-commerce or Parcel Delivery Scam: Notify SingPost, Ninja Van, J&T Express, or Qoo10 customer service.
  • LTA Scam or Singapore Customs Scam Email: Report to LTA (via OneMotoring) or Singapore Customs.
  • Business Email Compromise (BEC): Inform your company's IT department immediately.
5
Monitor for Identity Theft
  • Monitor CPF accounts & bank statements for any unauthorised transactions
  • Set up SMS/email alerts for banking activities
  • Request a credit report from the Credit Bureau Singapore (CBS) or other agencies
  • Watch for suspicious emails, calls or letters
  • Be alert for OTP requests or any unfamiliar bills
6
Learn Prevention Tips and Warn Others

How to Spot Phishing Attempts

  • Poor grammar or odd email formatting.
  • Spoofed website addresses that mimic official URLs (e.g., dbss.com.sg instead of dbs.com.sg).
  • Requests for OTPs or sensitive data.
  • Unexpected links or attachments.
  • Verify companies & websites with our TrustScore system

5Protecting Yourself from Future Scams

Phishing Scam Prevention

Verify Before Clicking

Always check the sender's email address.

Use ScamShield

This app helps block scam calls and messages.

Enable Multi-Factor Authentication

OTPs and security questions add extra layers of protection.

Stay Updated

Follow government agencies like SPF, Cyber Security Agency of Singapore (CSA), and MAS for the latest scam alerts.

Educate Yourself

Read through our available articles on phishing scams and other types of scams to educate yourself.

6Conclusion

Phishing scams in Singapore are becoming increasingly sophisticated and thus difficult to differentiate. However, by staying alert and taking swift action, you can protect yourself and minimise risks of falling victims to phishing scams.

If you suspect you've fallen for a scam, act immediately, report the incident, and strengthen your cybersecurity measures. Staying informed is your best defence against online fraud.

Follow Singapore Police Force, ScamShield, MAS alerts and Scam.sg for updates on new scam trends.

Frequently Asked Questions

Stay Protected Against Phishing Scams

Knowledge is your best defense. Share this guide with friends and family to help them stay safe online.