Police Advisory On Resurgence Of Phishing Scams Involving The Impersonation Of OneMotoring

The Police would like to alert members of the public to a resurgence of phishing scams involving the impersonation of OneMotoring. Since 1 September 2024, at least 8 cases were reported, with total losses amounting to at least S$28,000.

In this scam variant, victims would receive electronic mails (e-mails) purportedly from OneMotoring by Land Transport Authority (LTA), informing that their vehicles' road tax or road license would be expiring. The scammers would disguise a malicious Uniform Resource Locater (URL) link by embedding it behind a legitimate-looking hyperlink text, misleading victims into believing that they are clicking on a safe link to access OneMotoring's website.

After clicking on the malicious URL link, victims would be redirected to a phishing payment website impersonating OneMotoring, where they would key in their vehicle registration numbers, personal information, and credit or debit card details.

Victims would only realise that they had been scammed after they discovered unauthorised transactions made to their credit or debit cards.

LTA does not notify vehicle owners of expiring road tax via e-mails. Notifications on road tax expiry of vehicles are sent to vehicle owners in one of these three ways: i)SMSes through the "gov.sg" sender identification; ii) e-letters deposited into the vehicle owner's OneMotoring account accessible only via Singpass login; or iii) hardcopy letters sent to the vehicle owner's registered address if they have opted for the hardcopy notifications. Messages from LTA do not contain payment links.

The Police would like to advise members of the public to adopt the following precautionary measures to avoid falling for scams:

1. ADD - Add the ScamShield app and set security features (e.g. set up transaction limits for internet banking transactions, enable Two-Factor Authentication (2FA), Multifactor Authentication for banks and e-wallets, use the Money Lock feature of your bank to "lock up" a portion of your money so that it cannot be transferred out digitally by anyone, further protecting your savings from scams). Do not send money to anyone you do not know or have not met in person before. Do not disclose your personal information, bank/card details and One-Time Passwords (OTPs) to anyone.
   
   
2. CHECK - Check for scam signs with official sources (e.g. call the Anti-Scam Helpline on 1800-722-6688 or visit www.scamalert.sg), or with someone you trust. Look out for tell-tale signs of a phishing website. If in doubt, always verify the authenticity of information provided with the company directly.
   
   Do not click on dubious URL links provided by anyone you do not know or have not met in person before. Take note of the URL in the address bar of your web browser.
   
   Check for the actual URL link of a hyperlink before clicking on it. Hover your mouse cursor over links in emails to see the actual URL. If using a mobile device, long-press the link to display a window with the actual URL.
   
   Check the sender's e-mail address in the "From" field instead of only referring to the Email Display Name.
   
   
3. TELL - Tell the authorities, family, and friends about scams. Report any fraudulent transactions to your bank immediately.

If you have any information relating to such crimes or are in doubt, please call the Police Hotline at 1800-255-0000, or submit it online at www.police.gov.sg/i-witness. All information will be kept strictly confidential. If you require urgent Police assistance, please dial '999'.

For more information on scams, members of the public can visit www.scamalert.sg or call the Anti-Scam Helpline at 1800-722-6688. Fighting scams is a community effort. Together, we can ACT Against Scams to safeguard our community!

Annex A
Screenshots

Screenshot of e-mail sent by the scammer, using an email display name, "one motoring" and a malicious link embedded behind a legitimate looking hyperlink▼


Screenshot of an e-mail sent by the scammer, showing the sender's actual e-mail address and a malicious link embedded, that is revealed by hovering the cursor over the hyperlink text▼


Screenshot of phishing payment page impersonating OneMotoring▼