Over S$484,000 lost to DBS & POSB impersonation scams over last 2 months

A phishing scam that impersonates DBS or POSB emails has re-emerged, causing total losses of at least S$484,000 in at least 72 cases since Jan. 15, 2026.

In a joint news release on Mar. 27, the police and DBS said that victims were sent emails with links that redirected them to "a phishing website that resembled DBS/POSB's webpage".

The police reminded members of the public that banks in Singapore will never send clickable links via email or SMS.

"The set up of a digital token can only be done through the official DBS/POSB Digibank app and never through a clickable link."

Scam variant

The police and DBS said, "In this scam variant, victims would receive emails allegedly from DBS or POSB, claiming that their digital token has expired and an activation or update would be required".

The emails would contain an embedded link that resembled the webpages of DBS or POSB.

Victims were misled to enter their banking credentials, card details and/or One-Time Passwords (OTPs) to ‘activate’ or ‘update’ their digital token.

According to the news release, those targeted would later "discover unauthorised activities and/or transactions in foreign currencies (e.g., EUR, SAR), made in their banking accounts and/or cards".

DBS intensifies prevention efforts

DBS has intensified its prevention efforts through co-created educational content with the police.

This includes targeted advisories on emerging scam variants and ongoing public education on top scam typologies.

Scam activities are also disrupted through DBS's collaboration with the police by surfacing phishing websites for takedowns, funds tracing and recovery, and timely case escalation.

The police also advised members of the public to never disclose sensitive information such as banking, credit or debit card credentials and OTPs to anyone.

Adopt precautionary measures

The police advised the public to adopt precautionary measures such as adding the ScamShield app or visiting its website to check the legitimacy of suspicious messages, phone numbers or websites.

Other measures include setting up security features such as enabling Two-Factor Authentication (2FA) and Multifactor Authentication for banks.

Members of the public can report fraudulent emails via the ScamShield app.

Those who suspect that their DBS or POSB banking or card details have been compromised should contact DBS/POSB’s fraud hotline at 1800-339-6963 or 6339-6963 immediately.

For more information, visit ScamShield's website and DBS' Scam Defence Hub website.

Top photo from SPF and DBS