S$1.8 million lost to fake buyer phishing scams since start of 2024
An online scam victim sending a credit card number to a scammer. (File Photo: iStock)
This audio is generated by an AI tool.
SINGAPORE: At least S$1.8 million (US$1.3 million) has been lost to fake buyer phishing scams since January, with at least 419 victims falling prey, the police said on Wednesday (Feb 21).
Such scams involve criminals posing as "buyers" on online platforms, eventually duping victims into providing their internet banking or credit card details.
There has been a recent spate of fake buyer phishing scams on Facebook and Carousell, said the police in a news release, adding that 38 people are being investigated for their suspected involvement.
The 29 men and nine women, aged between 17 and 68, were rounded up during a recent week-long anti-scam enforcement operation.
Preliminary investigations found that most of the individuals facilitated the scams by opening new bank accounts. They then either relinquished the accounts to scammers, sold them for as much as S$1,500 per account or relinquished their Singpass credentials for as much as S$1,000 per set of credentials.
These people would then fail to receive the promised fees from the scammers.
"Some had given away their banking credentials or Singpass credentials in the applications of fake investment schemes, job scams or loan schemes, to purportedly receive earnings from investment, salary or loan," said the police, adding that one person also helped to receive and transfer money on behalf of the scammers.
HOW DO THESE SCAMS WORK?
Fake buyer phishing scams involve scammers posing as "buyers", approaching victims via in-app messages on platforms such as Carousell or Facebook.
These scammers would first express interest in the items listed by the victim.
After agreeing to the sale of the items, victims would receive a malicious URL link or QR code via email, in-app messaging or WhatsApp on the pretext of receiving payment.
The link or QR code would redirect victims to a spoofed website to provide their internet banking login credentials, credit card details or one-time password (OTP).
Victims would realise they had been scammed when they discovered unauthorised transactions made from their bank accounts or cards.
Members of the public are advised to protect themselves from scams by never disclosing their personal or internet banking details and OTP to anyone.
"Do not click on dubious URL links and always verify the authenticity of URL links," police said. "If in doubt, always verify the authenticity of the information with the e-commerce platform directly."
