SINGAPORE – Last year, the top 10 scams resulted in people being cheated of more than $201 million in total.
E-commerce scams, social media impersonation scams, loan scams and banking-related phishing scams were of particular concern, said the police, as these crimes accounted for 68.1 per cent of the top 10 scams reported last year.
Here is how they work:
Scammers dangle good deals for popular items such as electronic gadgets or tickets to events.
In cases involving event tickets, some scammers sell the same ticket to different buyers, resulting in victims being denied entry at the venue.
Some of these scammers also create fake tickets by duplicating barcodes from second-hand tickets or generating fake barcodes to make fake tickets look legitimate.
For goods bought on online platforms, scammers also tend to extort more money from their victims by demanding further payment for delivery charges, taxes or insurance after the first payment.
To counter scams, some e-commerce platforms have features such as holding payments in escrow.
But scammers get around this by telling buyers to make a direct bank transfer instead of purchasing through the platform.
Social media impersonation scams
Scammers hack into the victim’s social media account or messaging app, impersonating the victim and using his accounts to send messages to his contacts.
Scammers may also create cloned accounts with a similar username and pictures of the actual user. Public accounts make it easier for the scammer to obtain pictures.
To make a scam account look legitimate, some scammers use bots – a software application that runs automated tasks – to generate “likes” or comments on posts, to make the account look legitimate.
These scammers then reach out to the actual user’s contacts on social media using the fake account, and these messages would often ask for personal details, such as bank account details or their mobile number.
A common ruse that these scammers use is telling victims that they have won a contest or giveaway and telling them to click on malicious links.
They may also ask for one-time passwords (OTPs) for accounts on platforms, such as Lazada or Shopee, on the pretext of helping the victims to sign up for fake accounts, contests or to claim prizes.
With the OTPs, the scammers can then gain access to these accounts and perform unauthorised transactions.
It is not uncommon to receive text messages or calls advertising for loans or loan services from those claiming to be from licensed moneylenders.
Scammers often use these messages to try to lure unsuspecting victims with low interest rates or fast loan approvals.
Those who fall for the scam are told to transfer some money as a deposit before the loan can be issued.
In some cases, fake business websites might be created to convince the victim that the scammers are from legitimate companies, and “invoices” sent over from the scammers may also have company logos taken from genuine companies to trick the victim.
After the victim pays the “deposit”, these scammers then try to extort more money from the victim by saying that errors had occurred, such as the money going to the wrong account.
Bank-related phishing scams
A new variant of bank-related phishing scams emerged in January, with scammers impersonating Singapore government officials.
Victims in such cases receive phone calls or messages allegedly from government agencies claiming that there are issues with their bank accounts.
They are then asked to verify their personal details, such as their bank account details and NRIC number.
In other cases, victims receive messages with fake advertising campaigns, lucky draws or attractive promotions offered by local banks.
Those who click on the Web link provided land on a phishing site made out to look like a bank’s website, where they are asked to log in with their Internet banking details and OTP.
In other cases, they are asked to call a specified phone number for assistance, and scammers impersonating bank staff would ask the victims for their Internet banking details.
Unauthorised transactions are then made from these accounts.
These scammers use spoofed messages, which appear in the same thread as official messages from local banks.
Spoofing technology is commonly done by configuring the settings of a VoIP, or Voice over Internet Protocol (IP), service provider, which allows users configure the caller ID display phone number.
E-mail addresses, websites and even IP addresses can be spoofed.
Scammers also try to catch their victims through robocalls, by running a list of numbers through auto-dialling software installed on a computer.
The robocall platform calls multiple recipients at the same time, in the hopes of landing a victim.
Join ST’s Telegram channel here and get the latest breaking news delivered to you.
Source: Read Full Article