Zakat Singapore
Security Advisory

With the recent rise in scam and phishing cases, we understand the community’s wariness and concern surrounding the safety of online transactions; and the transmitting and receiving of confidential information.

Zakat Singapore is committed to ensuring the security of your transactions and privacy of your information, but we cannot do it without your support and vigilance.

1. ACCESSING A SECURE ZAKAT SINGAPORE WEBSITE AND PAYMENT PORTAL

Take the following steps to ensure that you are accessing the authentic and secure Zakat Singapore website and payment portal: 

  • The address of the website starts with “https://” instead of “http://”
  • Zakat Singapore only uses the following domains: zakat.sgpay.zakat.sgfidyah.zakat.sg. Scammers will attempt to make you access similar-looking sites and links – ensure that each letter is spelt exactly like the above, and not, for example, za3at.sg, zaka1.sg or even zakat.com.sg
  • When you are accessing the secure Zakat Singapore website, a padlock icon should appear on the address bar of the browser. To confirm that you are accessing the correct and secure website, click on the padlock icon to view the SSL certificate. On the SSL certificate, you should see “Connection is secure” and,

i. “About zakat.sg” when accessing the website

ii. “About pay.zakat.sg” when accessing the payment portal

If there are any discrepancies or if you received a warning on the SSL certificate, terminate your session immediately and notify us at [email protected].

2. Ensuring Communications from Zakat Singapore are Legitimate

  • Zakat Singapore sends out automated email reminders, receipts and Receipts once you begin and complete your online Zakat or Fidyah transactions via [email protected]
  • Zakat Singapore may also send out email communications via [email protected], [email protected] or Muis officers. Do note that email Billing Information of Muis officers and all government officials will have “gov.sg” in them

3. Protecting Your Account with Zakat Singapore

Your account with Zakat Singapore stores your billing, card, email address and past transaction records. To safeguard your data, ensure that you:

  • Create a safe and unique password with at least 12 characters and include uppercase and lowercase letters, numbers and symbols
  • Do not share your login details with anyone, including family, friends or any dubious sources
  • Change your password frequently

4. Recognising Scam and Phishing Attempts

There are various cyber fraud and attacks, including phishing, online and social media impersonations, tech support scams, banking-related phishing scams and e-commerce scams. Here is how you can spot such attempts:
  • Mismatched & misleading information (E.g., fraudulent links such as za3at.sg, inaccurate organisation details)
  • Use of urgent or threatening language Suspicious links, attachments, instructions
  • Unexpected communications requesting confidential, personal, or financial information such as bank account details, passwords, One-Time Passwords (OTPs); promises of attractive rewards; demands for urgent and immediate payment or payment by gift cards or shopping credit; instructions to install or access suspicious sites and software

5. Protecting Yourself from Scam and Phishing Attempts

  • Exercise greater caution in answering calls with a “+” sign prefix. Local calls will not display a “+” sign
  • Ignore the call or delete suspected phishing messages
  • Do not click on any suspicious links or attachment
  • Do not scan QR codes from unknown sources
  • Do not share your passwords
  • Do not disclose any personal or financial information with dubious sources or persons
  • Alert your bank if you revealed your card details, monitor your account for unauthorised withdrawals or purchases & make a police report if any funds are missing
  • Utilise reputable sites and platforms like www.zakat.sg to make your online Zakat and Fidyah payment

Verify with Zakat Singapore via [email protected] or Muis’ mainline at [email protected] or 6359 1199 if you receive any suspicious communication materials.