Some Singtel subscribers have received phishing e-mails, seemingly sent by the telco, telling them “Your Singtel bill is now available for download”.
The bills are all in the $200 range. Some e-mails were sent from a Singtel e-mail address and others from SingNet.
Singtel subscriber Steven Low, 39, received the first e-mail last Friday. His bill was given as $234.19 and there was an attachment that he did not open.
The civil servant, who called The New Paper’s hotline, said: “The bill was significantly higher than usual, but because I went overseas this month, I thought it contributed to the amount.”
Mr Low, who pays his Singtel bills by Giro, received another five similar e-mails.
“More warning bells rang when I realised the amount in each e-mail was different. I was worried and called Singtel’s customer service. Some customers may not check and just pay.”
Another Singtel subscriber, Mr Jasper Loh, 38, a helpdesk engineer, also received similar phishing e-mails.
He said: “I clicked on the link, which opened a blank page and downloaded a file. Luckily, my company’s website security blocked the download. I’m guessing the file will install a virus.”
“Singtel should do something to stop these phishing e-mails,” he added.
When contacted, a Singtel spokesman said it was aware of the issue.
She said: “These are phishing e-mails and are not from Singtel. We advise recipients of these e-mails to delete them immediately.
“Once informed of such malicious e-mails, we took prompt action to take down the malicious sites linked to these e-mails and to block them.”
Mr David Maciejak, head of cybersecurity firm Fortinet’s FortiGuard Lion R&D team for Asia Pacific, told TNP it is dangerous to click on the links.
“The links lead to domains which have been flagged as malicious by our FortiGuard Labs malware detection engines,” he said.
“A malware file will be downloaded onto the user’s computer… and facilitate the downloading of more malicious files.”
Mr Maciejak added that anything can be downloaded, including ransomware that will lock up the user’s computer, or malware that may be able to access and steal personal details.
Mr Tony Jarvis, Check Point Software Technologies’ chief strategist for threat prevention in Asia Pacific, Middle East and Africa, said the links pointed to free online servers with short lifespans that will automatically download files to the end user machine.
Mr Jarvis said the Singtel e-mail address could be forged by e-mail spoofing.
He said: “It’s the creation of e-mail messages with a forged sender address. It can be easily achieved by using the right tools and can be done at no cost.”
He reminds users to read the entire e-mail, especially if they are worried about its validity.
“They should contact their service provider if they have any doubts. If the e-mail is about their billing, users can think back if the e-mail is sent in their usual billing cycle,” he said.