Otp0“My husband (who was phished by the scammers) did not surrender the OTP to the scam website because he was driving at the time… Yet, they were able to take over our account’s OneToken without an OTP, and then transact after that,” said one victim. Six scam victims said the fact that the fake message appeared in the SMS thread used by OCBC was why they mistakenly thought that the link in the message was credible At least 469 bank customers were affected by the phishing scam, totalling around S$8.5 million in losses Some did not give scammers their one-time passwords, but their accounts were hijacked anyway The bank has said it is rendering assistance to affected customers