I did not lose my card or mobile, I was at home watching korean drama during the fraudulent transactions timing. My hp did not even beep for the SMS-OTPs...
now i put alert for all transactions >$1....
M1 even told me our sim cards are encrypted...
Reading the info that you have provided, this is probably what happened for your case:
1. How did they obtain Cardnumber, Exp Date, CVV:
Such info could be compromised at various possible sources (merchant, yourself via some insecure network, you shopping at a compromised merchant or even the bank data leak itself, etc). Obviously one can't pinpoint which is the exact one for most cases.
This info eventually made its way to Dark Web and hence obtained by fraudster easily.
(And this is main reason why we have 2FA)
2. How did they obtain SMS OTP?
You mentioned M1 reported OTB SMS was sent, but you did not see it on your phone.
As your SIM card did not stop working in this case, can safely say nothing to do with SIM swap attack.
Possible methods:
(a) Your mobile phone might have been infected with a virus (I recall you mentioned your phone was acting weird). If you did not already reset your phone, try scanning it with some well-known anti-virus apps and see if you find anything.
OR malicious app installed on it that allows the fraudster to manage (read, delete) your SMS.
Often there are apps that are installed and requests for certain permissions, which most do not review and simply proceed. For Android, you can check under Settings (usually, Settings > Apps > Permissions > SMS) to see which apps have permission related to SMS. See if anything is weird here.
(b) SMS Redirect. More details here, but to my limited knowledge not aware of any documented cases in SG:
https://arstechnica.com/information...ker-intercept-a-t-mobile-users-text-messages/
You might want to consider changing to a new phone, and new mobile number - to be on safe side.
Regarding M1's update to you:
Did they mention what date/time the OTB SMS were sent.
And what is the content of the SMS.
Do the above info correspond to what is expected from the bank SMS of the fraudulent transactions?