When the Singapore Personal Access (or SingPass) digital ID service was first launched in 2003, many Singaporeans hailed it as a breakthrough for digital convenience. However, this also opened up more opportunities for cybercrimes.

Stolen Singpass credentials have become a much-sought-after accessory for cybercrimes like money laundering, which can rake in billions if not caught in time. As a result, the Singapore authorities have included the misuse of Singpass credentials in the Computer Misuse bill passed in February 2024, coming down hard on Singaporeans sharing their Singpass details. It may seem harmless sharing your details with your family and close friends, however if it ends up being used in illegal activities, you could be fined up to S$10,000 or imprisoned for up to three years.

In this latest instalment of our scam education series, we’ve put together essential information you should know to avoid Singpass scams.

How Singpass scams work

Scammers use different tactics to trick people into giving away their Singpass credentials. Many of these involve social engineering – manipulating emotions and trust to gain access to personal information.

If someone offered you S$8,000 to “borrow” your Singpass ID, would you let them have it? It sounds like easy money; one person accepted an S$8,000 offer to share his Singpass details. But his credentials were then used to open bank accounts linked to S$220,000 in scam proceeds.

Your stolen Singpass credentials can go on to do a lot of damage, as scammers use them to facilitate a surprisingly wide range of crimes. Here are just a few ways your stolen Singpass credentials can be misused.

• Scenario 1: Fraudsters use your Singpass credentials to set up personal or corporate bank accounts under your name – which can then be used to commit financial fraud. In one case, stolen Singpass details were used to create a sole proprietorship to open corporate bank accounts for money-laundering purposes. The original ID holder had sold his Singpass details to a stranger on Telegram for up to S$15,000 and was later sentenced to 11 months and two weeks’ jail time.
• Scenario 2: Your Singpass credentials are used to apply for personal or corporate bank loans in your name. One scammer convinced his victims to apply for loans over fake QR codes, revealing their Singpass credentials. Once the loans were approved, the funds of over S$2 million was disbursed to the scammer instead of the original Singpass holder.

How to be vigilant against Singpass scams

Taking a few key steps can keep your Singpass account secure and reduce the risk of falling victim to scams.

• Keep your Singpass credentials private. Never share your Singpass ID, password, or any login details – not even with friends or family members. Remember, the new anti-scam laws eliminate ignorance as an excuse: whether you knew about it or not, letting someone else use your Singpass account could put you at risk of heavy legal consequences.
• Resist high-pressure social engineering tricks. Don’t be pressured into “act now or you’ll regret it later” deals, or suspicious messages that claim to be from the police or from a relative in danger. Learn to pause and think before acting on a message.

Extra protection for businesses

Singpass scams and other cyber threats hang heavy over many entrepreneurs’ heads. That’s why it’s critical that your business account has multiple safeguards in place to deter malicious attacks.

Some business bank accounts, such as those offered by ANEXT Bank, offer additional layers of protection from savvy cyber criminals. For example, ANEXT Bank uses three-factor authentication (3FA) that requires a login password, a one-time password (OTP), and facial verification for every transaction.

In the unlikely instance where you feel a breach may have happened, you can temporarily suspend your ANEXT Business Account until the issue has been thoroughly investigated and resolved. You may change login credentials to secure your account further.

In these uncertain times, protecting your digital identity isn’t just about avoiding financial loss; it’s about keeping your personal and professional reputation intact. Use our tips to dodge Singpass scams and other cyber threats – keep your funds and business safe, and stay on the right side of the law!