The SRF covers phishing scams with a digital nexus. These scams trick customers into clicking on fake links and entering their credentials on a fake website. Scammers use these stolen credentials to make unauthorised transactions.
For example, a scammer pretends to be a legitimate business or government entity and sends spoofed emails or SMS claiming to be account-related issues to trick the victim into clicking a URL link to a fake website where the victim enters his/her account credentials. The fraudulently obtained credentials are used to perform transactions that the victim did not intend to be performed.