A number of Android users fell victim to scams involving malware, resulting in the loss of $99,800 from their Central Provident Fund (CPF) savings.
The police have issued a warning about these fraudulent activities, highlighting the need for caution while engaging with advertisements and downloading files on social media platforms.
How the Scams Were Executed
The victims encountered enticing advertisements promoting groceries, particularly seafood, on various social media platforms, including Facebook. Eager to make a purchase, they contacted the businesses through social media or WhatsApp.
In response, the scammers provided the victims with a URL to download an Android Package Kit (APK) file. APK files are designed for Android’s operating system and are typically used to install applications from third-party sources.
It is important to note that apps or APK files downloaded from the Internet or third-party sources can contain phishing malware. Unfortunately, the victims were unaware that the seemingly harmless application they downloaded contained malware.
This malicious software enabled the scammers to gain remote access to the victims’ devices and steal sensitive information, including passwords and Singpass passcodes, which are crucial for accessing CPF accounts.
Once the scammers had control over the victims’ devices, they resorted to further deception. Posing as legitimate representatives, the scammers would call the victims and request their Singpass passcodes, under the pretext of creating an account within the application.
Unknowingly, the victims provided the scammers with the passcodes, believing they were engaging in a genuine transaction.
With the stolen Singpass passcodes, the scammers gained remote access to the victims’ CPF accounts. They exploited this access to initiate fund withdrawals through PayNow, a convenient mobile payment system.
The victims’ CPF funds were transferred to their bank accounts as part of the withdrawal process. Seizing this opportunity, the scammers accessed the victims’ bank applications and swiftly transferred the funds out via PayNow, leaving the victims shocked and deceived.
Awareness and Vigilance
To prevent falling victim to such scams, it is crucial to exercise caution and be aware of the potential dangers. The police have emphasized the risks associated with downloading apps from third-party or dubious sites, as these often result in the installation of malware on computers, mobile phones, and other devices.
Therefore, it is strongly advised to refrain from downloading any suspicious APK files that may contain phishing malware.
To enhance security and protect against scams, it is recommended to regularly update devices with the latest security patches. These updates often include vital security improvements that can safeguard against emerging threats.
By ensuring devices are up to date, users can reduce the risk of malware infiltration and unauthorized access to sensitive information.
In the unfortunate event of falling victim to a scam, it is imperative to take immediate action. Victims should promptly report any fraudulent transactions to their respective banks, providing all necessary details to aid in the investigation and recovery process.
Additionally, it is advisable to visit the official scam alert website, www.scamalert.sg, for more information and contact