From incidents involving global giants like Apple to local entities like SingHealth, Singapore has had no shortage of news regarding cybersecurity data breaches and credit card frauds recently. In fact, this has been a global phenomenon: according to a recent report released by cyber intelligence firm IntSights, the number of hacked US credit card numbers for sale on the internet's dark web already leaped 135% in the first 6 months of 2018 compared to an year ago. As the threat of cyber attacks grows, it's especially important for people to take the necessary precautions to ensure the safety of their personal financial data. Incorporating our tips below to your monthly, weekly or even daily routines could help significantly reduce the risk of becoming a victim of financial identity theft.
Regularly Review Your Credit Card Statement for Unusual Items
If you become a victim of credit card fraud, your liability should generally be limited to about S$100 in Singapore as long as you follow the proper procedure. For example, DBS's card agreement document states that your liability in case of credit card fraud, your liability for unauthorised transactions shall be limited to $100 only if:
- You have immediately notified us of the loss, theft or unauthorised disclosure;
- You assist us in the recovery of the unauthorised charges incurred;
- You furnish us with a police report accompanied by written confirmation of the loss, theft or
- unauthorised disclosure and any other information that we may require; and
- We are satisfied that such loss, theft or unauthorised disclosure is not due to your negligence or default.
Therefore, timing is of essence if you want to minimise your loss in a credit card fraud. The faster you notice that your card has been compromised, less likely it is for your to lose money. To that end, the first thing you should start doing is to regularly review your credit card statement online. By scanning your debit and credit card transactions online every week (or even every day), you should be able to catch any fraudulent activities immediately. If more than one person is using a debit or credit card account through supplementary cards, you should keep each other in the loop about recent purchases, so you don’t accidentally flag a legitimate purchase. To make this process even easier, you should consider signing up for automated alerts—either via email or text message—to see transactions in real time. If you see any irregular transactions, you should immediately notify your bank.
Sign Up for a Credit Monitor with the Credit Bureau
Besides stealing your credit card information, hackers could also try to apply for new credit cards or loans by using your personal information. One way to catch such activities is to purchase Credit Bureau Singapore's My Credit Monitor. A service that costs S$48.15 per year, it automatically alerts you when a bank updates your credit information (i.e. someone has applied for a new card or loan). If you receive such a report without having applied for anything new, you should immediately contact the bank to prevent the card or the loan from being approved. Even without this service, Credit Bureau also offers free credit report for any new credit facility applicants. If someone has tried to apply for a new loan or card under your name, you should receive a notification letter informing of the credit application approval or rejection statuses. Though this could be much slower than the monitor service, you should be able to get a free credit report from CBS within 30 calendar days from the date of approval or rejection letter.
Always Use 2-Factor Authentication
Because about 25% of Singaporeans had their personal information stolen during the SingHealth incident, it's highly important for consumers to start using two-factor authentication for any online services when if it's available. This basically requires an extra verification step in addition to entering your username and password such as a one-time pin code sent to your email or your phone via SMS. As long as hackers don't have access to your emails or text messages, you should be able to prevent them from logging into your accounts with banks or e-commerce companies.
Other Tips for Online Shopping
Besides the tips we discussed above, there are some more "simple" tips that you should follow when you are online. An IntSights study observed a huge increase in fake mobile apps, especially on Google Android platform, that impersonate legitimate apps for video players, games and even banking apps. Once downloaded, they work as malwares to trick users into providing their personal information. Therefore, it is extremely important to be careful about what kind of apps you download onto your phone and to always double-triple check that you are downloading a legitimate version.
Secondly, you should never give out payment information information via email, over the phone or on social media. Fake social media profiles have been used to lure users to phising sites, fake apps. They sometimes also pose as customer service of a bank and ask for confidential information.As a rule of thumb, you should not provide your info to anyone unless you contacted them first through legitimate channels (i.e. email or phone number listed on the company's official website).