Skip to main content




Impersonation scams: How familiarity can be used against you

Constant vigilance is key and verification should always be your first step.

Impersonation scams: How familiarity can be used against you

FILE PHOTO: Police are investigating 157 suspects involved in more than 495 cases of scams. (Photo: Shutterstock)

Impersonation scams are not a new phenomenon in Singapore but the number of victims is growing as the methods evolve with the times. A decade ago, the usual tell-tale signs, such as email scams with poor grammar, were easy to spot but these days, danger lurks around every corner.

Many of us may have received phone calls or messages with the caller or sender claiming to be from postal service companies, banks or government agencies, prompting the recipient to act on a matter that requires immediate attention. By creating a sense of urgency, these impersonation scams take advantage of victims’ fears.

A common ploy involves the scammer impersonating a bank representative and calling to check on fraudulent charges detected in a bank account. The impersonator would gain the victim’s trust by offering their help to resolve these issues. Caught unaware and fearful that their bank account might be compromised, these victims would follow the instructions of the scammer and provide their personal details, only to realise afterwards that they have been conned.

Although local media is rife with warnings of impersonation scams,  a whopping total of S$38 million was still lost to scams from January to November last year.


With more people staying home due to COVID-19, the increase in screen time is accompanied by greater exposure to impersonation scams through the online channels that we interact with on a daily basis, such as online streaming websites.

A common ruse on sites like these is spear phishing, or a targeted attempt to steal sensitive information such as personal account or financial information. While phishing is often carried out on a mass scale, spear phishing targets individuals, businesses or in some cases, users of certain websites.

This method of scamming has been proven to be highly effective over the years, and is usually carried out by finding information unique to the victims, such as places they frequent, and using that information to extract sensitive information.

If you receive phishing emails regularly, your email address was likely compromised in hack of a website that has your data. Photo: Shutterstock

One victim of such a scam was 40-year-old Zuraidah Malik, a primary school teacher. While watching an online drama, she encountered a pop-up window that prompted her to accept certain terms and conditions in order to continue using the site. She shared: “Upon providing the requested access, my laptop immediately froze and emitted a loud beeping sound. A window popped up, asking me to call a certain number within three minutes to ensure that my hard drive wouldn’t be wiped out.”

Ms Zuraidah panicked and called the number, which was answered by a man impersonating tech support for the site. He instructed her to transfer S$200 to a designated account to remove a virus in her laptop. She was then asked to transfer a further S$150 to upgrade her computer’s software. “I refused and was referred to a barrage of other contacts to call. As they seemed to have total control of my computer and my information was of utmost importance to me, I finally buckled and complied with their instructions. I soon realised that although the situation seemed to have been remedied, I had been conned of S$350,” admitted Ms Zuraidah.

Following her encounter, Ms Zuraidah sought the help of her school’s IT staff who cleaned the hardware and software of her laptop, before installing new security features. She also erred on the side of caution and changed her credit card. As this case illustrates, scammers often create a sense of urgency to throw victims like Ms Zuraidah off, persuading them to hand over their personal and financial information impulsively.


Another type of scam that is on the rise are social media impersonation scams, no doubt exacerbated by the ease and accessibility of social media platforms.

These scams come in many forms, but one of the most common are fake accounts made in the image of a friend. The “friend” may request your help in signing up for fake contest or promotions, or ask you for confidential information.

People are more vulnerable to such scams as they prey on familiarity through the impersonation of friends. It was reported in August that social media impersonation scams surged to 1,175 cases in the first half of this year, a jump by more than 1,300 per cent from 83 cases in the same period last year.

If an account in the name of your friend adds you, verify with your friend through another medium such as a call or a message. 


Online impersonation scams can be mitigated through vigilance on the part of the potential victim. One should never disclose personal information such as banking details, telephone numbers or even addresses to anyone online unless absolutely sure of the authenticity of the website or platform requesting them. One way of ensuring legitimacy is to check if the site has an SSL certification – seen by the padlock and the “HTTPS” protocol displayed on the web browser.

Government agencies or trusted businesses rarely use social messaging platforms to gather information. If the feedback is serious, consider asking for an email address to contact them. Should a caller make you feel uncertain, stop all communication and verify if the source is reliable through the organisation’s main phone line.

It is also important to verify payment methods before making any purchase – scammers often request payment through gift cards, prepaid cards, wire transfers or Bitcoin. These methods of payment are less traceable and make it difficult for the respective platforms to recoup any of the funds lost. To avoid falling prey to scams, secure payment platforms such as PayPal are ideal, as they provide both buyer and seller protection.

Also, be cautious of downloading attachments. As a rule, only open attachments that are expected and come from a trusted source, whether it’s at work or from friends. You can also use security software that automatically scans emails for malware and viruses.

It is only through constant vigilance and awareness that Singaporeans can prevent and mitigate online scams. Remember, always check before you click to protect yourself from online impersonation scams. You’re 1 Click Away from a better internet!

Infographic: Media Literacy Council


Also worth reading