One man in Singapore recently nearly fell victim to a scam caller posing as a staff member from Lazada, and took to Facebook to share with others his cautionary tale.
The caller had already managed to get ahold of the man's information on Lazada, and feigned protecting his Lazada account in order to get his OTP.
Knew his personal details
Sharing more details of the scam call, Stanley Fu said that the caller spoke in fluent English.
The male caller claimed to be from Lazada and told Fu that he detected a fraudulent transaction made in the UK despite his IP address being in Singapore.
The caller continued that he had barred the UK transaction and suspended it, and to further protect Fu's account, would require some information from Fu to help him reset and bar the transaction.
All he needed was an OTP from Fu.
Aware of similar scam calls, Fu asked the caller to verify his identity.
The caller was able to accurately provide him with his email account, contact number and home address.
Additionally, in order to further appear as if he was safeguarding Fu's privacy, the caller did not read out the entirety of Fu's personal details, instead saying: "Your email starts with firstname.lastname@example.org. Your HP number ends with **33."
This made the caller come across as more legitimate, Fu said, which "makes him very pro like a trained customer service officer".
Background sounded like call centre
In order to bar the supposed fraudulent transaction in the UK, the caller told Fu that he would send him an email with an OTP to verify who he was.
Fu then received the email while on the phone with the caller, and noted that the email was a legitimate one from Lazada, and not a phishing email.
It made sense to give the caller the OTP, as the person sounded so "genuine" and wanted to protect his Lazada account, Fu said.
However, out of a gut feeling, Fu refused.
Something else that raised his suspicions was the sound of other people making calls in the background, which is "very unlike a secure call".
Fu attempted to check the caller's identity further, which made the caller increasingly irritated and impatient.
"He kept saying he has many calls to make and I have kind of spent 15 mins of his time still not believing him."
It was this impatience that Fu felt gave him away as a scam caller, and Fu subsequently hung up on him.
Lazada confirmed it was scam caller
A check with Lazada revealed that the caller was indeed a scammer who had managed to get Fu's personal details.
Lazada also apparently confirmed with Fu that the email and OTP Fu received were authentic, Fu wrote in his post.
He added that the company is looking into the matter.
All the scam caller needed was thus to reset Fu's password with an OTP, and they would be able to charge credit card transactions from his account.
In the comments section of his post, Fu admitted that the call started with a "+65".
This prefix appears when the call is made from outside of Singapore, and there is a high chance that it is a scam call from abroad, spoofing a local number.
Fu ended his post by warning others of similar scam calls. You can read his full post here.According to ICA, no government agency will request for personal details or transfer of money over the phone or through automated voice machines.
ICA urged people not to provide their personal information such as name, identification number, passport details, contact details, bank account or credit card details to suspicious or unknown parties.
Follow and listen to our podcast here
Top photo from Unsplash and Lazada website