Email impersonation scams rise 20% in first 9 months of 2016

Email impersonation scams rise 20% in first 9 months of 2016

In 2016 alone, about S$19 million have been lost through scams of this nature, police say.

A man talks on the phone as he surfs the internet on his laptop at a local coffee shop in downtown

SINGAPORE: There has been a sharp increase in the number of email impersonation scams in the city-state. In 2016 alone, about S$19 million have been lost through scams of this nature, police said on Monday (Nov 14).

In a media release, police said a total of 165 such cases were reported between January and September this year, a rise of 20 per cent compared to the same period last year.

Police found that the scam usually involves businesses with overseas dealings, and use email as their main mode of communication.

“Scammers first hack into either the victim’s or victim’s business partner’s email accounts. They will obtain information from emails and impersonate someone whom the victim has dealings with, such as a business partner. They then create spoofed email accounts to communicate with the victim and ask for money,” authorities said.

Spoofed email accounts often look very much like the genuine email address, police added.


Police said that they have been working with foreign counterparts on this issue, and have managed to recover US$100,000 (S$141,550) for a particular case which occurred in May this year.

On May 27, a local company had received an email from its overseas business partner requesting for money, but was unaware that their partner’s email account had been compromised.

They transferred the money to the foreign bank account but later realised they had fallen prey to a scam when their business partner informed them that they did not receive the money.

As a portion of the funds remitted were still in the foreign bank account, police were able to recover it, the release said, adding that successful recoveries like these are rare.

“If you discover that your business is a victim of such a scam, contact your bank immediately to recall the funds, and report the matter to the police,” police said.

To avoid becoming a victim of this scam, they also advised businesses to take the following precautions:

To prevent email accounts from being hacked -

  • Use strong passwords and change passwords of email accounts regularly
  • Enable two-factor authentication for email accounts
  • Install antivirus, anti-spyware/malware and firewall on computers, and keep them updated

To avoid falling prey to such scams -

  • Be mindful of sudden changes in your business partners or creditors' payment instructions and accounts. If in doubt, verify changes in bank account details over the phone. Previously known telephone numbers should be used instead of the numbers provided in the emails, as it may be compromised
  • Educate employees about this scam, especially those responsible for making fund transfers
Source: CNA/dl