Thursday, September 21, 2023

$10m lost in malware scam where victims’ banking credentials stolen by keylogger hidden in app to

×
The Straits TimesSPH Media Limited
INSTALL

$10m lost in malware scam where victims’ banking credentials stolen by keylogger hidden in app

The victims had contacted the “sellers” of various services advertised on social media platforms. PHOTOS: SINGAPORE POLICE FORCE
Wallace Woon
Updated
9 Hours Ago
2023-09-20
Facebook WhatsApp

SINGAPORE – At least $10 million has been lost from over 750 victims in the first half of this year due to unauthorised banking transactions performed by a malware scam which also resets the victims’ phones.

These victims had contacted the “sellers” of various services such as food purchase, home cleaning or pet grooming advertised on social media platforms, police said on Monday.

The sellers would send them a Web link over messaging platforms to download and install an Android application, as well as grant the appcertain permissions to access their phone.

Victims would then be instructed to transfer a deposit of $5 via PayNow for the services they want.

As payment was made, the victims’ Internet banking credentials were stolen by the malware’s key-logging function.

After accessing the banking app on the victims’ phones and performing unauthorised transactions, the scammers would initiate a factory reset on the devices, which erases all user data and settings.

These transactions would only be discovered by the victims after they had called their banks or reinstalled the banking apps on their phones.

Get a round-up of the top stories to start your day
Sign up

By signing up, you agree to our Privacy Policy and T&Cs.

The authorities advise people to take precautionary measures, such as downloading the Scamshield app and enabling security features such as two-factor (2FA) or multifactor authentication for banks, as well as setting transaction limits for Internet banking transactions.

Those who suspect that their phones are infected with malware should take the following steps: 

  • Turn the phone to flight mode. Check that its Wi-Fi is switched off and do not switch it on. 
  • Run an antivirus scan on the phone. 
  • Use another device to check bank, Singpass and CPF accounts for any unauthorised transactions. 
  • Report any unauthorised transaction to the bank and police. 
  • As a further precaution, users can do a factory reset of their phones and change important passwords.

For more information on scams, visit www.scamalert.sg or call the anti-scam helpline on 1800-722-6688.

Anyone with information on such scams may call the police hotline on 1800-255-0000, or submit information online at www.police.gov.sg/iwitness

More On This Topic
Can you spot a scam? Find out how well you know 6 common scams in S'pore
Losses of over $17.1m prevented after more than 800 scams disrupted by police and banks

Read the full story for $0.99/month

Save more than 90% on your subscription and get over 500 subscriber-only articles every month.

ST All-Digital Package - Monthly

$29.90 $0.99/month

No contract

$0.99/month for the first 3 months, $29.90/month thereafter. T&Cs apply.

Subscribe now

Unlock these benefits

  • Get subscriber-only articles on ST Web and app

  • Easy access on up to 4 devices

  • 2-week e-paper archive to ensure you never miss out on news that matters to you

Join ST's WhatsApp Channel and get the latest news and must-reads.

Facebook WhatsApp
YOU MAY LIKE
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)