[SingCERT] Phishing Emails about GeBIZ and SingNet

Published on Wednesday, 22 July 2015 20:00

[ Summary ]

Phishing emails purported to be fromsupport@gebiz.gov.sg are being sent to users. The contents of the email are as follows:

Dear GeBIZ Trading Partner, 

The Infocomm Development Authority of Singapore (IDA) shared that more than 530,000 users have completed their one-time account update since the enhanced SingnetPass was launched last week.

If you have not done so, you are advised to update your SingnetPass account at the link below: If you encounter difficulty with your password, you are advised to get your password reset.

UPDATE FROM HERE
< Phishing URL >

Yours Sincerely, GeBIZ Service Centre

The phishing URL is targeting at SingNet users.


[ Impact ]

User credentials could be stolen if users enter in their username and password into the phishing page.


[ Recommendations ]

  • Inform your ISP and GeBIZ immediately if you receive this suspicious email or phishing page
  • Change your password immediately if you have entered in your user credentials to the phishing page. If the same password is used across many services (e.g. Gmail, Hotmail, Yahoo), those services passwords must be changed as well. The password should preferably be at least have 8 characters and consist of alphanumeric characters. For more information on creating a strong password, please refer to:https://www.gosafeonline.sg/password_security_and_management
  • Do not click on the links in suspicious emails

For more information on phishing, users may refer to:https://www.gosafeonline.sg/phishing

For more information on protecting yourself against phishing, users may refer to:https://www.gosafeonline.sg/top_ten_ways_to_defend_against_phishing


[ Reference ]

https://www.gebiz.gov.sg/