By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
TechgoonduTechgoondu
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Search
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Reading: CPF sends SMS about termination of Eldershield, raising concerns it was a scam
Share
Aa
TechgoonduTechgoondu
Aa
  • Audio-visual
  • Enterprise
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
  • PC
  • Telecom
Search
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Follow US
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Techgoondu > Blog > Cybersecurity > CPF sends SMS about termination of Eldershield, raising concerns it was a scam
CybersecurityInternet

CPF sends SMS about termination of Eldershield, raising concerns it was a scam

Alfred Siew
Last updated: April 25, 2022 at 7:25 PM
Alfred Siew Published April 23, 2022
5 Min Read
SHARE
PHOTO: StockSnap from Pixabay

When many citizens in Singapore got a suspicious-looking SMS yesterday telling them their Eldershield government insurance policy was being terminated, they were rightly worried that they were targeted by yet another online scam.

It didn’t help that the message, apparently a real one from the Central Provident Fund (CPF), told recipients they had to log in to a website via a clickable link with their Singpass national digital ID.

Sounds somewhat like those scam messages that helped criminals steal S$13.7 million from OCBC bank customers earlier this year? You bet.

The CPF came out today to clarify that it had indeed sent the messages yesterday. What’s astounding was a spokesman saying there was “no particular reason” it had sent them yesterday. Presumably, it hadn’t considered the heightened worry amid the scams of late.

A person quoted by The Straits Times said he had clicked on the link, entered his Singpass details and got worried he might have been scammed. After all, it took just minutes for scammers to siphon out hundreds of thousands of dollars from some OCBC victims.

The CPF’s comedy of errors extended to one of its websites as well. After some users clicked on the link, they found that it was down, due to the traffic that it had to handle. You can’t blame people for being worried.

Could the CPF been more savvy, given the recent concern and the advice given to users to avoid clicking on links that come in through SMS? Yes, certainly.

The link it sent ended with gov.sg, which offered an indication that it was a Singapore government website. That said, this is not a surefire way to make sure you’re going to a real site, instead of a spoof or phishing site set up to steal your login credentials.

The best way is to type in the website link yourself, either on the phone or on a separate computer, so you can be sure you are not led to a fake website.

The government is rethinking the use of clickable links in its SMSes to citizens. The banks, after all, have decided to stop that practice after the OCBC debacle, mindful of the risks involved.

To be sure, many people – especially the less tech-savvy – may find it hard to log on to e-services if these convenient links are not available. However, that has to be balanced against the kind of threats facing users.

If they lose their Singpass credentials to scammers, citizens face a whole host of problems. Someone could steal valuable personal data and impersonate them to apply for permits or licences, for starters. They would have to go through a lot more hassle to recover their access.

So, it’s critical to keep educating users of the best practices, one which is not to click on links that come in via suspicious looking messages. The heightened risks mean you have to trade-off some convenience for security.

For CPF and other government agencies, it is also important to consider when and why they send their messages. Is it necessary, even, to send a message over SMS?

Yesterday, the message was meant for CPF members whose Eldershield plan was indeed expiring and to tell them they would be enrolled on a newer one, called CareShield.

Does it need users to click on a link to find out more? In a message sent out of the blue? Context matters and it’s missing here.

And for goodness’ sakes, CPF, please craft better messages that don’t look like a typical scam SMS. Wasting citizens’ time also negates the convenience that these digital services promise.

You Might Also Like

Give a royal wave and avoid munchies during video calls, say etiquette experts Debrett’s

New media with old media problems, as Facebook looks to paid subscriptions

Keysight’s 2023 technology predictions: Insights from a test and measurement Leader

Q&A: Ella, a robot barista, served over 100,000 cups of coffee in Singapore in 2022, say its creators

StarHub offers 10Gbps fibre broadband in nationwide trial across Singapore

TAGGED: CPF, Eldershield, scam, SMS

Sign up for the TG newsletter

Never miss anything again. Get the latest news and analysis in your inbox.

By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Alfred Siew April 23, 2022
Share this Article
Facebook Twitter Whatsapp Whatsapp LinkedIn Copy Link Print
Share
Avatar photo
By Alfred Siew
Follow:
Alfred is a writer, speaker and media instructor who has covered the telecom, media and technology scene for more than 20 years. Previously the technology correspondent for The Straits Times, he now edits the Techgoondu.com blog and runs his own technology and media consultancy.
Previous Article Singapore to remove TraceTogether, SafeEntry contact tracing measures for most venues
Next Article Sony LinkBuds review: Unique, decent unsealed wireless earbuds for those who need it
1 Comment
  • Spencer Wong says:
    April 24, 2022 at 9:19 am

    Time for GovTech to come up with a national Dns server. Filter all phishing and malicious links.

    Better still, collaborate with all ISPs to push out the dns server.

    Reply

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Stay Connected

Facebook Like
Twitter Follow

Latest News

Sony Playstation VR2 review: An immersive experience awaits
Gaming March 21, 2023
Debate on computational photography misses what’s real, what’s lived outside a frame
Cellphones Imaging Mobile Software March 19, 2023
Get the best Mac-friendly monitors for colour-perfect design work
PC March 16, 2023
LG OLED Flex LX3 review: A bendable gaming monitor for the adventurous (and rich)
Audio-visual Gaming PC March 13, 2023
//

Techgoondu.com is published by Goondu Media Pte Ltd, a company registered and based in Singapore.

.

Started in June 2008 by technology journalists and ex-journalists in Singapore who share a common love for all things geeky and digital, the site now includes segments on personal computing, enterprise IT and Internet culture.

banner banner
Everyday DIY
PC needs fixing? Get your hands on with the latest tech tips
READ ON
banner banner
Leaders Q&A
What tomorrow looks like to those at the leading edge today
FIND OUT
banner banner
Advertise with us
Discover unique access and impact with TG custom content
SHOW ME

 

 

POWERED BY READYSPACE
The Techgoondu website is powered by and managed by Readyspace Web Hosting.

TechgoonduTechgoondu
Follow US

© 2023 Goondu Media Pte Ltd. All Rights Reserved | Privacy | Terms of Use | Advertise | About Us | Contact

Join Us!

Never miss anything again. Get the latest news and analysis in your inbox.

Zero spam, Unsubscribe at any time.
 

Loading Comments...
 

    Welcome Back!

    Sign in to your account

    Lost your password?