Security
ALERTS

 

What’s happening

We’ve been alerted that customers have received fraudulent communications allegedly made by M1.

These scams are known as phishing – a cybersecurity attack where malicious organisations attempt to trick you into divulging sensitive personal data such as login IDs and/or passwords. The data is then used to gain access to important accounts and can lead to identity theft or financial loss.

Below are some of the phishing emails, SMSes, and other forms of communication that we’re aware of posing as M1. Please refer to this page for the latest report.

We’ll also increasingly use app notifications to share scam alerts via My M1 and My M1+ apps. Please keep your app notifications enabled.

We’ve been alerted that some customers have received phone calls from scammers impersonating M1 staff. These scammers would ask for the customers’ credit card or banking details on the pretext that their mobile lines will be suspended due to non-payment.

Please note that M1 does not call our customers to request for credit card or banking details, and we strongly urge customers to be vigilant against such phone scams.  M1 customers can access the status of their bill payments and pay their outstanding balances through the M1+App. 

Description:

2 Jan 2024: We’ve been alerted to a “M1 customer reward program” on social media where customers can win phones or gift cards by answering a questionnaire. This programme is not conducted by M1, and we strongly urge our customers not to participate as it is possibly an unlawful attempt to phish for their personal information.

security-announcement

We have been alerted that there is a website impersonating the M1 login page. This is likely an attempt to phish for our customers’ login details and other personal information. Customers are encouraged to log onto their M1 account through this main page (https://www.m1.com.sg/), and to exercise caution of links sent through emails, SMS or posted online as some links may be fraudulent and lead to malicious websites.

Description:

As part of Infocomm Media Development Authority’s efforts to strengthen protection against scams, registration with the Singapore SMS Sender ID Registry (“SSIR”) will be mandatory for all organisations that use SMS Sender IDs. With effect from 31 January 2023, under SSIR, all non-registered alphanumeric Sender IDs and SMS will be marked as “Likely-SCAM” when sent to Singapore mobile users. This functions similarly to a “spam filter and spam bin”.

We urge customers to remain vigilant against ongoing scams and look out for our SMS advisory to alert customers on the “Likely-SCAM” SMSes they may receive.

For more information on anti-scam measures, refer to go.gov.sg/antiscam-measures

Description:

We’ve been alerted that customers have received fraudulent communications allegedly with personal information provided by M1. Scammers have contacted customers via whatsapp from overseas numbers on the pretext of a survey to retrieve personal information, citing contact details provided by M1.

M1 is certified under IMDA’s Data Protection Trustmark (DPTM) and we can assure customers of the sound and accountable data protection practices in place to protect customers’ privacy. M1 will never divulge personal data to other parties without your consent, unless required by law.

Do exercise vigilance against ongoing scams and keep your personal information strictly confidential.

We’ll also increasingly use app notifications to share scam alerts via My M1 and My M1+ apps. Please keep your app notifications enabled.

customer-scam

Description:

We’ve been alerted that scammers may impersonate M1 on telegram to engage in fraudulent communications. Please take note M1 does not have a telegram channel and we urge our customers to stay vigilant against scams.

Description:

We have been alerted of customers receiving phishing emails impersonating as M1 name to log in and view transactions. These fraudulent emails may contain weblinks that try to obtain your financial/personal information or lead to phishing attacks. Please exercise caution and do not follow any instruction from such emails.

Description:

The authorities have notified us of fraudulent SMS messages have been reported, impersonating a local telco and requesting its customers to update their billing information via a bit.ly link or their service will be suspended.

As a reminder, M1 will never request for billing details via SMS, email or any other similar channels. Please remain vigilant, exercise caution and follow these tips to protect yourself.

Description:

We have been alerted of incidents where scammers claim to work for or impersonate staff from Internet Service Providers (ISPs) under the pretext of solving network issues, instructing victims to call certain hotline numbers or to download remote access applications and provide personal and financial information through certain websites (e.g. Singpass/ internet banking).

M1 will not request for personal details, access to online banking accounts or ask for payment for services rendered over the phone or through automated voice machines. Customers should also ignore incoming calls that begin with the “+65” prefix, which indicate that it is an overseas number that has been spoofed to look like a local number. Customers should not hesitate to reach out to M1 through the Live Chat function on the My M1 or My M1+ App to verify whether the information received is authentic.

We urge our customers to remain vigilant, exercise caution and not follow any instruction from such callers.

Description:

We would like to notify our customers of isolated incidents of phishing emails impersonating as M1 to obtain personal and financial information.
To further verify that you are on the official M1 website, go to the address bar of the web browser and look for the “lock” icon.

security-alert

The link within the email has been masked and clicking on the link will redirect customers to the phishing website. Upon hovering over the link, the true web link will be revealed.

security-alert

M1 will neither request for financial information to have customers check on their bills nor to provide a refund. Any surplus would instead be utilised to offset payment for the next month.
Do not hesitate to reach out to M1 to verify the authenticity of such emails and requests.
For customers whose accounts might have been compromised, please login to your M1 account to update your password. We urge all customers to exercise caution and not follow the instructions of such emails.

M1 will not request for personal or financial information through email, SMS or other similar channels.
If urgent action is required, do contact us using the Live Chat on the My M1 App. Mobile access to M1 accounts can be done through the My M1 App or by keying in our website’s URL (www.m1.com.sg) directly into the browser.

Description:

We would like to alert our customers of phishing websites impersonating as M1, with instances of scammers baiting customers with bill rebates or refunds, in attempts to obtain your M1 login credentials and credit card information. To mitigate such incidents, we would like to alert and encourage all customers to remain vigilant and protect yourself by checking that you are on the official M1 website. Go directly to https://www.m1.com.sg to ensure that you are on our website.

To further verify that you are on the official M1 website, go to the address bar of the web browser and look for the “lock” icon.

security-alert


Upon clicking the icon, a new window or pop-up should appear, confirming that the website has been verified by Entrust, with a certificate issued to M1 Limited.

security-alert


M1 will not request for personal or financial information through email, SMS or other similar channels.
If urgent action is required, do contact us using the Live Chat on the My M1 App. Mobile access to M1 accounts can be done through the My M1 App or by keying in our website’s URL (www.m1.com.sg) directly into the browser.



Description:

We would like to alert our customers on some isolated incidents where some customers have been seeing online pop-up messages while browsing, claiming to stand a chance to win a prize from M1. Please do not click on any link, form or button in the phishing pop-up message, which may contain weblink that try to obtain your financial/personal information or lead to phishing attacks. Please exercise caution and do not follow any instruction from such emails.

security-alert

Description:

Scam calls are prevalent around the world. To mitigate spoof calls, we would like to alert and encourage all customers to stay vigilant and protect yourself by:

1. Blocking unknown spam call numbers on mobile devices.

2. Practicing discretion when picking up calls from private numbers, overseas (if you are not expecting a call from overseas) or unknown prefix. Customers in Singapore are advised that for local calls, there will not be a ‘+’ prefix (Example 1) and international calls have a ‘+’ prefix (Example 2).

security-alert

3. Customers who receive suspicious unsolicited phone calls or automated voice messages should hang up immediately and not to provide or share personal details and passwords with unknown callers.

Description:

We noticed isolated incidents of emails, impersonating M1. These fraudulent emails may contain weblink that try to obtain your financial/personal information or lead to phishing attacks. Please exercise caution and do not follow any instruction from such emails.

security-alert

Description:

The “M1 Australia” Facebook page https://www.facebook.com/M1Australia/ is not a M1 Limited page. Customers are advised not to engage with or make any purchases via this page.

security-alert