At least S$7.1 million lost to tech support scams since January 2022

SINGAPORE: A recurring tech support scam has duped at least 154 victims since January this year with losses amounting to at least S$7.1 million, the authorities warned on Tuesday (Apr 26). 

These scammers would approach victims under the pretext of assisting them to resolve computer or Wi-Fi network issues, said the police and Cyber Security Agency of Singapore (CSA) in a joint news release. 

Victims would typically receive a pop-up alert while using an Internet browser on their computer or an unsolicited phone call from individuals claiming to work for Internet service providers.

POP-UP ALERT

The pop-up alert would inform victims that their computer has been compromised. The alert would also include instructions for them to contact the software provider - such as Microsoft - at a stated number for assistance. 

The number would usually appear as variants of +653159(XXXX), leading victims to believe that it was a valid local help desk contact number. 

Victims who called the provided number would speak to scammers impersonating tech support personnel.

UNSOLICITED CALL

Scammers behind these unsolicited calls would claim to work for Internet Service Providers (ISPs) such as Singtel. 

The scammers would then indicate that the victims’ Wi-Fi network had been compromised by hackers, and they were calling to assist in resolving the issue. 

In some instances, the scammers would claim that there were fraudulent transactions made from the victims’ bank account, and that an investigation officer purportedly from government agencies, such as the CSA or the police, was investigating the incident. 

In such cases, the scammers might also send fake verification emails from spoofed email accounts to the victims.

REMOTE ACCESS APPLICATION

Following either method, the scammers would then request the victims to download a remote access application, such as Teamviewer, Ultraviewer, or AnyDesk. 

Under the pretext of resolving the issue, the scammers would instruct the victims to log into their Internet banking account, and to provide their credit or debit card details and One-Time Password (OTP). 

Following this, the scammers would utilise the remote access application to transfer funds from the victims’ bank accounts or make fraudulent charges to the victims’ credit or debit card.

SCANNING SINGPASS QR CODE

In some instances, victims would be directed to scan a Singpass QR code on a phishing website with their Singpass app, with scammers claiming that it was part of the verification process. 

By scanning the QR code and authorising the transaction, the victims would unintentionally give the scammers access to create cryptocurrency wallets with their details. These cryptocurrency wallets would later be used by scammers to facilitate the flow of illicit proceeds.

The police and CSA reminded members of the public that no telecommunications service provider or government agency will request for personal details as well as access to online bank accounts over the phone or through automated voice machines. 

They will also not request payment for services rendered. 

Anyone who believes they have fallen prey to such scams should take these immediate steps:

• Uninstall any software that you have installed at the instructions of the scammers.
• Log off and turn off your computer to limit any further activities that the scammers can execute.
• Report the incident to your bank to halt further activities relating to your bank accounts.
• Change your Internet banking credentials and remove any unauthorised payees who may have been added to your bank accounts.
• Report the matter to the police.

Members of the public are also encouraged adopt these preventive measures:

• Ignore such calls and the caller’s instructions. The "+" sign prefix indicates that it is an international incoming call. Domestic calls will not display the this prefix.
• Do not panic and do not follow instructions to install applications, type commands into your computer or log into your Internet banking accounts.
• When in doubt, always call the official hotline of your software provider, telecommunications service provider or government agency to verify whether the information you have received is sent by the organisation and if the transaction involves authentication using Singpass.
• When logging into a digital service with your Singpass app, ensure that the domain URL displayed on your Singpass app’s consent page matches that on your browser before proceeding. If not, do not tap on the "Log In" button on the consent screen.
• Never allow others to watch you enter your personal particulars, bank login details, or Singpass ID, passwords and Two-Factor Authentication (2FA) details such as SMS OTP and Singpass passcode.
• Report any fraudulent activity in your bank account to your bank immediately.

Those with information on such scams can call the police hotline at 1800-255-0000 or submit a report online. Those who require urgent police assistance can dial 999. 

Those encountering scammers impersonating CSA officers can report the incident to the agency. All information will be kept strictly confidential.