[SingCERT] SingPass Phishing Alert

Published on Thursday, 25 June 2015 12:00

[ Background ]

There have been several reports of phishing emails requesting users to verify their SingPass accounts.

[ Impact ]

User credentials could be stolen if users enter in their credentials into the fake SingPass page.

[ Solution/Workaround ]

  • Notify SingPass (support@singpass.gov.sg) immediately if you receive such an email
  • Do not open suspicious links from emails
  • For Government’s e-services that require you to log in via SingPass, always do so directly from the Government agency’s website so as to avoid being a victim of phishing
  • Do not enter in your user credentials to suspicious websites

[ References ]