How to stay safe from scams

Your page is loading.
One moment please.

20 Jun 2024

SOURCE: CPF Board

 

Man learning about scams

Technology has improved in leaps and bounds. You can easily connect with others overseas or even search up any information on the internet. But these conveniences come with some downsides as well.

 

Now that the world is increasingly interconnected, it’s easier for scammers to extend their reach to more potential victims with increasingly new and sophisticated ways of mixing half-truths and half-lies. To help safeguard your hard-earned CPF savings from these scammers, it’s more important than ever to learn how to recognise common scams and avoid being scammed yourself.

 

 Here are some of the more common ways scammers can attempt to trick you:

1) Email scams

Email scams are usually disguised as something harmless, such as an advertisement. There are typically two types of email scams: spoofing and phishing emails.

 

Spoofing

 

Spoof emails are sent by scammers who try to pass themselves off as someone you know or trust, to trick you into opening the email. They can pretend to be an old friend or, in most cases, an employee from a trusted organisation. In doing so, they trick you into thinking they are trustworthy, thereby believing it to be safe to give them your personal information.

 

So how can you avoid falling for these scams? The key is in the details.

 

When scammers pretend to be from official organisations, they tend to use an email address that looks legitimate at first glance but with some small differences from the email address used by the actual organisations. Sometimes, the differences can even be as small as the use of a hyphen, or simply something like “(companyname)supp0rtline@xxmail.com” (note how the word ‘support’ in the address was spelled with a number zero instead of the letter ‘O’).

 

The simplest way to spot these spoof emails is to familiarise yourself with the official email addresses, especially of organisations that handle your personal information or finances.

 

Phishing

 

For phishing emails, the focus is more on the email content.

 

Phishing emails tend to be sent out en masse, such as an email that might prompt you for a system update, or an email from a company sent under the pretext of confirming your personal details and/or payment information.

 

These emails are often accompanied by a link to a bogus page that asks for your personal information, made to look as though it is a legitimate website of the organisation. Should you fill in your details, they will be sent to the scammer, allowing them to siphon off your money or impersonate you to scam other people.

 

As with spoofing, the way to spot phishing emails is often in the details. At first glance, the sender’s address may seem legitimate, so it may not always be easy to verify.

 

When in doubt, you can always double check it against an actual email sent from the same organisation and see if the addresses match.

 

For emails from CPF Board, take note of these key tips:

 

  1. Check that the sender’s email address is spelt correctly and ends with @cpf.gov.sg or @e.cpf.gov.sg.
  2. Emails from the Board may contain links to the CPF website or other Government websites. In such cases, please check that the domain of such links end with “.gov.sg” before clicking on them, as that denotes a government website link.

For more information, you can check out how to protect yourself from phishing links for more tips and information to protect your information.

2) Call scams

Example of a scam call

Another way which scammers can attempt to trick you is via calls. This might even involve people impersonating the police, and even government organisations! However, just because there is someone speaking to you in real time doesn’t mean the caller is who they claim to be.

 

By pretending to be someone with some level of authority, the scammer can then attempt to persuade others into divulging privileged information, including but not limited to NRIC numbers, credit card information, banking details, etc. Sometimes, they may even ask you to transfer money to an account to aid an investigation. It may not even be just through one phone call, but a series of calls over a longer duration.

 

As with email scams, the best way to go about handling this type of scams is to familiarise yourself with how such companies or organisations operate.

 

Government entities and banks, for instance, will typically not call and ask you to provide personal information such as your credit card information or Singpass details.

 

Similarly, police officers will not instruct you to provide information such as banking credentials over the phone, much less ask you to make a monetary transfer to aid investigations.

 

For calls that you might receive from people who claim to be figures of authority from an overseas organisation and who might ask you to help them with their investigations, it is even more imperative not to let your guard down. At times, these callers might ask you to make a money transfer for dubious reasons, such as needing you to return money that was wrongfully wired to your account.

 

The important thing to note is that overseas law enforcement agencies have no jurisdiction to conduct operations in Singapore, make arrests in Singapore or seek the help of members of the public here with investigations of any form.

 

When in doubt, it’s always better to refuse upfront and clarify the situation on your end. Should the other party get pushy, that is also a huge red flag. When in doubt, please seek help from your family members or the Singapore police to help check if the call seems legitimate. For the latter, you can refer to the Scam Alert! Website for news and other information.

 

Where calls from CPF officers are concerned, here are a few things to note to ensure that it is an authentic call. Here are some scenarios where you might engage in a call with a CPF officer and what you should take note of:

 

a) When you call CPF

Please make sure that you are calling the Board through the numbers stated on this page. If you are calling the CPF Hotline, you will be asked to do a two-factor authentication (2FA) by keying in your NRIC number on the dial pad, followed by confirming your identity through a push notification on your Singpass app or a One-Time Password (OTP) via SMS before our officer provides personalised information. 

 

b) When you receive a call from the Board on transactional matters

Sometimes you might receive a call from the Board that you had not expected to receive. The reason for this is typically due to some issue regarding a recent change or transaction you have made with your CPF accounts.

 

In such scenarios, you will first receive a notification (either through your registered email address with the Board or in hardcopy) with a unique reference number before receiving a call from our officers. We will use that for purpose of authentication, for example, you will be asked to state the first few numbers, while the CPF officer quotes the last few. This way, you can be assured that the call is legitimate.

 

Please also note that telephone calls from CPF Board will be made from 6227 1188 or 6202 3388.

 

Additionally, we have also tightened the Board’s bank verification process for payment of monies to members. Whenever a new bank account is provided by members, CPF Board will verify with the bank directly to ensure that the account belongs to the member.

3) SMS scams

Another avenue scammers try their hands at is SMSes. Common examples of this are SMSes that ask you if you are interested in betting or borrowing money, or if you are interested in doing some part-time jobs with very high wages. These SMSes, similar to how email scams work, end with a link which, when clicked leads you to a site that allows scammers to steal your personal details.

 

These SMSes can also be phrased such that they look like they are sent from official sources, such as the Government. They could require you to take certain actions such as registering for vaccinations, updating your personal details, confirming a transaction and so on, with a link that they would require you to click on.

 

Like other types of scams, these links might also seem legitimate at a glance (for instance, using “register-gov.sg” to seem like it’s from the Government, when a proper URL would have “.gov.sg” in its link). In some cases, they can also pretend to be an acquaintance:

Example of a scam SMS

The purpose of this is to trick you into going to a fake site that looks legitimate, only to have you providing your sensitive information to the scammer. If the scam message is from someone you know, for example, you might want to think twice if it does not sound like a message that the person might normally send you. Be sure to contact the person separately and let them know their account might have been compromised.

 

Remember, a proper link from the CPF Board will also have “.gov.sg” in the link it provides, as shown below:

Example of a legitimate SMS from CPF

The SMS sender ID will always be "gov.sg" for all SMSes from the Board to members on matters pertaining to your CPF, Workfare and Silver Support from 1 July 2024. With the standardised SMS sender ID, you can now easily verify the legitimacy of messages sent by the Board.


Where scams are concerned, it is often a question of overlooking small details. Being vigilant is the most effective way to protect yourself from scams, especially when it deals with your money.

 

Questions such as “is this email/call/SMS really from where they claim to be from” help you assess objectively whether you can really trust whoever it is on the other side of the screen or phone. If you want more useful tips, here are some do's and don'ts of scam prevention for further reading!

 

In the end, it always pays to be careful, especially when your personal information and money are at stake!


Information accurate as of date of publication.