SINGAPORE - Banking apps from major retail banks, including OCBC and Citibank, have received enhanced protection against malware scams, the Association of Banks in Singapore (ABS) announced on Monday.

The anti-malware security measures have been designed by each bank to suit its customer base and systems, and will be progressively tweaked to keep up with threats as they evolve, the association said in a statement.

ABS said this will help deter scammers from being able to bypass scam protections across the industry in one fell swoop.

The measures work by detecting the presence of malware on customers’ devices and triggering actions when suspicious activities are detected, such as blocking access to the banking app or calling the customer before a transaction is put into effect.

“The security measures do not monitor nor conduct surveillance on customers’ mobile devices, nor do they collect or store any personal data,” ABS added.

“The anti-malware security measures may impact customers’ experience in performing banking transactions, but banks will continually calibrate their approach to achieve a right balance between the risk of fraud and inconveniencing legitimate transactions.”

The director of ABS, Mrs Ong-Ang Ai Boon, noted: “These measures will not be foolproof. The best defence against scams is still a discerning and vigilant customer.”

Ms Ho Hern Shin, deputy managing director of financial supervision at the Monetary Authority of Singapore (MAS), said MAS welcomes the banks’ enhanced security measures against malware scams.

“As scammers constantly adjust their tactics to evade existing safeguards, the industry must continue to respond in an agile fashion to counter these threats,” she added.

Ms Ho urged the public to remain attentive to scam advisories issued by the police and banks, so they will be aware of new scam tactics and can take steps to protect themselves.

Director of the Singapore Police Force’s Commercial Affairs Department David Chew said: “Malware scams targeting banking apps are a serious crime concern. Scammers will try to find ways to trick victims into installing malware-infected applications that take control of victims’ phones and thereby access and deplete the victims’ bank accounts.”

While noting that the new anti-malware measures will enhance security and protect banking app users against malware scams, he also advised users not to download any suspicious Android Package Kit (APK) files from third party or dubious sites, as this could lead to malware being installed on their devices.

There were 22,339 scam cases reported from January to June 2023, according to mid-year scam statistics from the police, a 64.5 per cent increase from the 13,576 cases during the same period in 2022.

OCBC Bank said on Sept 7 that an update to its banking app in August had thwarted malware scammers attempting to steal at least $2 million from more than 30 of its customers. No losses from malware were reported by those using the updated version of its app, it said.

An anti-scam feature on Citibank’s mobile app was rolled out last Friday, restricting users’ access to the app if risky permissions were detected on other apps.

Customers would have to disable permission settings on other apps such as screen sharing before they were allowed to resume usage of Citibank’s mobile app.

Citibank said the update was part of its ongoing efforts to provide customers with a safe and secure banking environment.