Singtel is investigating how a customer's mobile line was allegedly terminated by a scammer posing as him.
In a Facebook post on Sunday night, Mr Dave Tai detailed how he suddenly found his mobile line with Singtel terminated by someone who claimed to be running a scam known as SimSwap.
The scammer claimed to have hacked the telco and retrieved Mr Tai's personal details from its records, including his address.
He demanded that Mr Tai provide a code to him, and assist in the scheme by facilitating transactions in bitcoin.
In his post, Mr Tai appeared to be convinced the scammer had accessed Singtel's customer database. He warned the public to be careful as he felt the telcos had been compromised.
He wrote: "Without my number, I cannot even access SingPass or change any of my passwords.
"What's even scarier is that the telco's official communication channels can become part of a scammer's tool."
[[nid:460564]]
The SimSwap scam, which has been around since 2018, typically works by having the scammer first obtain the victim's personal details such as their birthday, address and full name.
These are often culled from social media and other sources.
Using this information, the scammers then pose as the victim, contacting the telco and passing the authentication test which involves providing personal details for verification.
Once they clear the test, the scammers often have free reign of the victim's account.
Mr Tai updated his post on Monday saying his number had been reactivated by Singtel, which has also offered to change his number for better security.
UNFORTUNATE EXPERIENCE
A Singtel spokesman said: "We are sorry that Mr Tai had this unfortunate experience and have assisted him in resolving the issues with his account. We are conducting a thorough investigation and have reported the incident to the police."
The police said they are investigating the matter as well.
A StarHub spokesman said it has not had any such incidents reported so far, but is monitoring the development closely.
The spokesman said: "Such identity fraud cases take place when an impostor has personal information that a customer uses for authentication.
"We urge customers to be vigilant and never disclose personal information - such as usernames, passwords, identification numbers and date of birth - to third parties."
This article was first published in The New Paper. Permission required for reproduction.