SG cops: Victims lose S$237,000 amid resurgence in parcel and telco phishing scams

Scammers would impersonate the firms and send out emails embedded with fraudulent URL links. — The Straits Times/ANN

SINGAPORE: At least 85 people here have lost about S$237,000 (RM791,726) since January 2022 after falling victim to phishing scams involving purported emails from Singapore Post (SingPost) and the telco Singtel.

It comes amid a resurgence in scammers impersonating both firms and sending out emails with unrelated domains, said the police on Nov 3. The emails were embedded with fraudulent URL links which were designed to steal victims’ personal information.

In the case of the scam emails purportedly from Singtel, victims were told that their accounts faced billing issues due to missing information. They were instructed to click on the embedded link to renew their subscriptions.

In the SingPost scams, victims were notified that they had outstanding payments to make for parcel deliveries. They were directed to use the link to make payments.

However, police said these links redirected the victims to fraudulent websites which then tricked them into providing their personal information, including their account username and password, as well as credit or debit card details and their one-time passwords.

Victims only realised they had been scammed after they discovered unauthorised transactions made using their credit or debit cards.

The advisory comes just before a slew of end-of-the-year sales are rolled out online, including the 11.11 sale which falls on Nov 11.

Such sales are often promoted on ecommerce platforms. A report in January by data and analytics company GlobalData projected that ecommerce spending in Singapore would grow from S$7.8bil (RM26.05bil) in 2021 to S$14.2bil (RM47.42bil) in 2025.

This year, consumers in Singapore are projected to spend S$9.2bil (RM30.72bil) online.

The police advise members of the public to refrain from clicking on links in unsolicited emails from email addresses with suspicious domain names.

Instead, they should verify the authenticity of the information with the official website or other official sources.

They should also never disclose their personal information, credit card and bank details or passwords, including one-time passwords, to anyone else.

Police said they should report any fraudulent transactions made with their e-payment accounts to the relevant service providers immediately. – The Straits Times (Singapore)/Asia News Network

Article type: free
User access status:
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!



Next In Tech News

Central bank test lab to trial 'stablecoin' monitoring system
Exclusive-AFL-CIO wants bigger say in U.S. digital trade deals for workers
Retail investors flock to small-cap AI firms as Big Tech battles for share
STMicro leans on AI, cloud as chip designs become more complex
Canada's Hut 8 Mining to merge with US Bitcoin to weather crypto downturn
U.S. judge orders fresh review for Thacker Pass lithium project
Meta fails to stop work conditions case in Kenya
Musk’s Twitter expected to face the strictest EU content rules
Microsoft investigates Outlook outage as users face issues
Apple’s latest iPhones sell at US$100-plus discounts in China

Others Also Read