Facebook scam ad leads to downloading of malware: 2 people lose S$99,800 CPF monies

Don't be enticed by online sales that are too good to be true.

Belmont Lay| June 18, 2023, 04:47 AM

Follow us on Telegram for the latest updates: https://t.me/mothershipsg

The Singapore police has issued an advisory on June 17 to alert the public using Android devices on the emergence of scams involving malware.

This was after losses from victims’ Central Provident Fund (CPF) accounts, as well as bank accounts, have occurred.

Since June 2023, the police have received at least two reports of such cases, with the CPF savings loss amounting to at least S$99,800.

How scam works

Downloading of app from scammer

Members of the public would come across advertisements for groceries, such as for seafood, via social media messaging platforms like Facebook.

Victims would contact the scammers via the social messaging platform or WhatsApp and the scammers would send a uniform resource locator (URL) to the victims.

The scammers would inform the victims to download an Android Package Kit (APK) file, an application created for Android’s operating system, found at the URL to order groceries and make payment.

App contains malware that can steal passwords & passcodes

Unknown to the victims, the application would contain malware that allowed scammers to access the victims’ device remotely and steal passwords, including the Singpass passcode stored in the device.

The scammer might also call the victim to ask for their Singpass passcode, purportedly to create an account on the application.

Fake login sites

Victims would be directed to fake bank application login sites to key in their banking credentials to make payment within the application.

The malware with keylogging capabilities would then capture the credentials keyed by the victim in the fake banking sites and send it to the scammer.

Access CPF account, transfer funds out

The scammers would then access the victim’s CPF account remotely using the stolen Singpass passcode and request to withdraw the victims’ CPF funds via PayNow.

Once the CPF funds are deposited into the victims’ bank accounts, the scammer will access the victims’ banking application and transfer the CPF funds away via PayNow.

The victims would only realise the scam when they discover unauthorised transactions made to their bank accounts.

Do not be tricked

The police reminded members of the public of the dangers of downloading applications from third-party or dubious sites that can lead to malware being installed on victims’ mobile phones, computers, and other Information Communications Technology (ICT) devices.

Scammers will trick victims into installing malware-infected applications that are outside the app store.

Members of the public are advised not to download any suspicious APK files on their devices as they may contain phishing malware.

Precautionary steps to take

The police advised members of the public to adopt the following precautionary measures:

a) ADD - anti-virus/ anti-malware applications to your device.

Update your devices’ operating systems and applications regularly to be protected by the latest security patches.

Disable “Install Unknown App” or “Unknown Sources” in your phone settings.

Do not grant permission to persistent pop-ups that request for access to your device’s hardware or data.

b) CHECK - the developer information on the application listing as well as the number of downloads and user reviews to ensure it is a reputable and legitimate application.

Only download and install applications from official app stores (i.e., Google Play Store for Android).

c) TELL - Authorities, family, and friends about scams.

Report any fraudulent transactions to your bank immediately.

The public can call the police hotline at 1800-255-0000, or submit a report online at www.police.gov.sg/iwitness for scam-related crimes.

All information will be kept strictly confidential.

For more information on scams, members of the public can visit www.scamalert.sg or call the Anti-Scam Helpline at 1800-722-6688.

To find out more about malware and the preventive steps that users can take to protect their devices, please refer to CSA's SingCERT advisory.

Top photos via SPF & Unsplash