Scam, fraud claims against digital banks in S'pore on the rise

There were 94 scam and fraud claims against digital banks in Singapore in the first eight months of 2025, more than double the 42 claims for the whole of 2024.

The total monetary amount for these 94 claims was $2.5 million, the Financial Industry Disputes Resolution Centre (Fidrec) said in response to queries from The Straits Times.

Fidrec said the most common cases it has handled involved compromised credentials and impersonation scams.

In cases of compromised credentials, a victim’s login information is stolen via phishing and malware. Scammers then use the information to access bank accounts and e-wallets to siphon off the funds.

As for impersonation scams, scammers pose as authority figures such as bank and government officials, or friends and family. They then persuade their victims to transfer money to them.

The claims were lodged against five digital banks, said Fidrec. Three of them – Trust Bank, GXS Bank and MariBank – serve retail customers, while the other two – Anext Bank and Green Link Digital Bank – cater to micro, small and medium-sized enterprises.

GXS Bank commenced operations here in August 2022, Trust Bank followed a month later in September, and MariBank set up shop in March 2023.

For now, the scam and fraud claims against digital banks represent a small percentage of total claims against all financial institutions, but there is an increasing trend.

Fraud and scam claims against digital banks were 2.1 per cent of total claims in 2023. That proportion rose to 4.8 per cent in 2024, and 8.7 per cent as at Aug 31, Fidrec data showed.

The financial disputes resolution institution noted that scams and frauds made up the bulk – 84 per cent – of all claims against the digital banks.

The rest of the claims related to service standards (11 per cent) and their practices and policies (5 per cent).

Are digital banks more vulnerable?

Professor of information systems Jan Ondrus at Essec Business School said digital banks are fully online, and every interaction happens through their apps or websites.

He said scammers may therefore have more chances to trick customers with fake messages, phishing or impersonation attempts.

Furthermore, because digital banks have no branches, customers cannot speak with a bank officer in person, Prof Ondrus noted. He said the banks can make up for this with real-time fraud alerts and round-the-clock customer support.

Mr Christophe Barel, managing director for Asia-Pacific at the Financial Services Information Sharing and Analysis Centre (FS-ISAC), a cyber-security cooperative for banks, said banks, with or without branches, are susceptible to scams. 

As most banking transactions are done online nowadays, neither model – digital only or digital with physical branches – is inherently safer or more exposed, he added.

Indeed, a vast majority of scams are successful because of the human element. 

Mr Ashley Millar, consumer education director at cyber-security firm Trend Micro, noted that scammers recognise that people do not make rational decisions when they are stressed or tired.

They therefore exploit this vulnerability to make victims divulge confidential information or perform certain actions.

The proliferation of artificial intelligence and deepfakes has led to scams becoming increasingly sophisticated and harder to detect, Mr Millar said.

How is the industry beefing up its defences against scammers?

The banking industry, together with regulators and other stakeholders like the telcos, has stepped up the fight against scams.

The Shared Responsibility Framework outlines the roles of banks, telcos and consumers in preventing phishing scams. It also assigns accountability for who will bear the losses if anti-scam obligations are not met.

Furthermore, the police can restrict banking transactions under the Protection from Scams Act if they suspect someone is being scammed.

The latest measure, which kicked in on Oct 15, allows the three digital banks serving retail customers – along with the other major Singapore banks – to delay processing fund transfers if certain thresholds are met.

The safeguard applies to current and savings accounts with balances of $50,000 or more. 

It kicks in when a transaction, together with withdrawals over the past 24 hours, results in more than half of the money being transferred out. 

This and all subsequent transactions will either be held for a 24-hour cooling period before being released, or be rejected immediately.

What else are digital banks doing?

Apart from these industry-wide safeguards, the digital banks leverage technology to monitor unusual activity in real time. Customer support is also available 24/7.

This enables them to step in promptly when their systems turn up suspicious behaviour. 

For example, MariBank’s systems will trigger a pop-up alert to warn and educate the user before the transaction is finalised.

Mr Shahzaib Hassan, group chief technology and product officer at GXS Bank, said the digital bank has safeguards, such as alerts and questions, to prompt customers to pause and reflect before they complete a transaction that the bank deems suspicious.

These questions include: Do you know the recipient? This person claims he is from the Monetary Authority of Singapore. Is he who he claims he is?

Other anti-scam features include money lock, which freezes a portion of customers’ money so they cannot transfer it out.

Prof Ondrus said the digital banks operate on modern systems without outdated technology, enabling them to adapt swiftly and implement new scam-detection tools.

A spokesperson for MariBank said the digital bank’s ability to respond rapidly to evolving scam tactics is due to its modern technological infrastructure, which supports agile deployment of countermeasures.

Balancing act between convenience and safety

In the fight against scams, experts say financial institutions will have to strike a fine balance between convenience and safety.

ST asked nine readers if they felt inconvenienced by the recent measure to hold or block transfers if more than half the money is being transferred out. All but one reader mentioned that they either have not transferred so much money thus far, or that they do not find it a hassle.

Mr Tay, a business owner who gave only his surname, was the only one who found the measure a bother. He wanted to transfer $300,000 from his bank account for his business needs, and had to do it twice.

“They should have an option for bank account holders to indemnify banks if they want to opt out of this safeguard,” he said.

Mr Alvin Chow, co-founder of financial education company Dr Wealth, said he will just have to transfer sums of money below the threshold level. He added that if he has to, he will make multiple transfers over a few days.

As for the funds for his US share purchases, Mr Chow will keep the cash in the investment platform so that he does not have to constantly move the money in and out of his bank account. “It is definitely more troublesome, but not a deal-breaker,” he said.

“After all, this is an anti-scam measure to prevent unauthorised account draining,” noted Mr Sam Chang, founder of board game designer Capital Gains Studio.

The spokesperson for MariBank noted that while enhanced security may mean more steps to complete a banking transaction, it is a necessary process to safeguard a customer’s life savings.

GXS Bank’s Mr Shahzaib said that “speed bumps” in the digital experience serve as a circuit breaker to disrupt the scammer’s momentum and protect the customer.

This is beneficial friction, he noted, adding that some customers reported narrowly avoiding scams after being prompted to reconsider their decisions.

Above all, the onus is on the customer to be vigilant. 

A spokesperson for Trust Bank said customers should be cautious when they access any website that requires their credit card data.

They should also be extra vigilant before clicking on unknown links, and notify the bank immediately via the 24/7 priority line if they have any notification messages of transactions that they have not authorised. 

Mr Shahzaib said customers should go through the proper investment channels to buy any financial products.

“If you want to make investments, use GXS Invest or go through other proper apps of the other licensed financial institutions,” he said, noting that people should not make investments on chat groups.

Working together

Ultimately, Mr Barel from FS-ISAC said it is a concerted effort by all parties to fight scams. Consumers must be on the lookout for any messages or online requests that seem odd or out of place.

Financial institutions must also share information on fraudulent activity and emerging threats that they have encountered, so that the other banks can learn from this knowledge, he added.

This close collaboration is playing out in the Singapore Police Force’s Anti-Scam Centre.

Seven banks have co-located their staff at the centre to help facilitate rapid account freezing and fund recovery operations.

The seven are DBS Bank, OCBC Bank, UOB, Standard Chartered Bank, HSBC, CIMB and GXS Bank, which joined recently in March 2025.

Source: The Straits Times © SPH Media Limited. Permission required for reproduction.

Pofma correction order issued to MalaysiaNow over article about drug courier’s treatment Regulators, industry groups may need to fill gap left by closure of climate banking alliance, say observers