Family launches a petition against DBS after losing S$45K via malware fraud

SINGAPORE: An individual named Dimple Kaur has initiated an online petition on petitions.net to raise awareness about the security concerns surrounding DBS Bank.

The motivation behind this petition stems from their unfortunate experience of falling victim to a scam, resulting in a significant loss of S$45,000 on 5 October.

The petition has been launched in the hope of rallying support and demanding accountability from financial institutions like DBS.

Family loses S$45K after downloading third-party app

The incident began when the victim’s husband innocently downloaded an unrelated app on his phone, unwittingly leading to a full-scale “hijacking” of their device.

As stated in the petition, the hacker gained unauthorized access to all the family’s DBS bank accounts in a matter of moments, resulting in the theft of their savings right before their eyes.

Desperate, the family immediately contacted the bank, only to receive advice to file a police report and turn off the compromised phone.

According to the petition, this was impossible as the hackers maintained control over the device.

The financial loss incurred was staggering, with a total of S$45,000 stolen from the family’s DBS accounts.

DBS offers half refund; victim partially blamed for security breach

Following the police report and an appeal to DBS for the return of their savings, the bank is said to have offered only half of the stolen amount, while placing partial blame on the victims for the security breach.

“After making a police report and appealing to DBS to return our savings, the bank only offered to return half of it and all the while blaming us for allowing the hack,” Kaur explained.

The family refused to accept this settlement, insisting that the funds were stolen from DBS, not them, and without their authorization.

“We had entrusted our savings to DBS for safekeeping and due to the bank’s inapt security measures and security protocols, our life savings were stolen from them,” she added.

In the petition, she urged that individuals “think very hard” with entrusting one’s life savings with a bank that “does not have any robust preventive measures in place to safe guard your hard earned savings.”

The aftermath of this ordeal has plunged the family into a state of financial distress, leaving them with nothing but their monthly salaries to cover essential expenses.

With two children to support, the family faces the harsh reality of providing for their needs in an expensive city like Singapore.

Petition aims to alert S’poreans about DBS Bank’s security concerns

Kaur clarified that her purpose in initiating the petition was to inform all Singaporeans that their funds are allegedly at risk when deposited with DBS Bank.

“When you are faced with any sort of distress, DBS will not be willing to aid you and their lack of security sufficiency will not be looked at either,” she said.

Moreover, she stated that DBS/POSB’s “delayed” and “inadequate response” had allowed the fraudster to withdraw their money before any actions could be taken to rectify the situation.

She raises concerns about the bank’s ability to protect its customers from such sophisticated scams.

Nevertheless, she urges DBS to review their plea for the return of their funds, emphasizing that the money was stolen directly from the bank without their authorization.

They stress that their family’s financial stability and even essential medical expenses are currently in jeopardy due to the absence of sufficient security measures.

“I urge all Singaporeans to stand with us in this fight for our rights for the security of our own money and life savings.

“We would appreciate it, if our fellow Singaporeans could stand united with us to ensure that all our financial institutions like DBS, are held accountable to protect our interests with their banks,” Kaur said.

“If we are one and united today it would make a difference for all of us tomorrow.”

Currently, the petition has garnered 72 signatures in total, with 60 originating from Singapore and an additional 12 from various other places.

DBS among financial institutions restricting access to unverified apps on customers’ phones

Previously, in Sept, local banks like DBS and UOB responded to the increasing incidents of malware scams targeting Android devices by introducing new anti-scam security measures.

These measures are designed to prevent customers from using the banks’ mobile apps if they are detected to be using unverified app stores.

DBS unveiled its anti-malware tool for Android phones on Sept 26, which aims to prevent scammers from illicitly accessing customers’ accounts by restricting app access when potential risks are identified.

Customers are informed that they won’t be able to use the banking app until they have taken necessary security precautions.

However, while some customers expressed concerns about these security measures, both DBS and UOB had previously reassured that these features do not monitor phone activities or collect and store personal data.

Similarly, in the same month, UOB also implemented security features to restrict customer access to their app when apps from third-party or unauthorized sources with “risky permissions” are detected.

In such cases, an error message is generated, specifying the name of the potentially problematic app.

UOB’s head of group compliance, Daniel Ng said, “Customers are strongly recommended to uninstall the mentioned apps.”

“These apps with risky permissions settings can be exploited by scammers to compromise customers’ mobile devices and banking apps,” he added.

After uninstalling the app or disabling its accessibility permissions, the customer can regain the access to UOB’s digital services back.

However, if what Kaur has written is true, one would wonder the effectiveness of the anti-malware tool by the banks, particularly that from DBS.

Singapore govt against banks to assume full financial responsibility for malware scams

Ms Sylvia Lim, the chairman of the Workers’ Party, had earlier, via an adjournment motion in September, championed the cause of scam and malware fraud victims, pressing for banks to be fully accountable for the reimbursement of the lost funds.

Ms Lim argued that it should be the banks’ responsibility to reestablish the financial security of those affected by malware fraud, rather than leaving individuals to struggle with the complex financial recovery processes on their own.

In her persuasive address, Ms Lim highlighted the delay in the implementation of the Loss Sharing Framework by the Monetary Authority of Singapore (MAS), a delay that has left many without a safety net.

She proposed a return to physical tokens for two-factor authentication (2FA) to bolster security defenses and advocated for the imposition of lower transaction limits and extended waiting periods as standard measures to mitigate risks.

Pointing to the proactive steps taken by other countries, such as the impending legislation in the UK which mandates banks to cover the costs of scam reimbursements, Lim underscored the need for banks to play a more dynamic role in protecting customers from the increasing threat of cybercrimes.

However, Ms Lim’s proposition met with resistance from Mr Alvin Tan, the Minister of State for Trade and Industry. Mr Tan argued against obliging banks to shoulder the full financial burden of such frauds, stressing the necessity of balancing fairness with personal accountability.

He opposed the notion of complete restitution without considering individual culpability, suggesting that it could undermine the essential vigilance and personal responsibility of consumers.

Mr Tan emphasized that despite enhanced security measures, the potential for scammers to circumvent these systems remains, thus highlighting the crucial role of consumers in maintaining diligent cyber hygiene practices.