352 victims in S’pore duped by fake buyers on Carousell since November


The police said on Dec 2 there has been an increase in the phishing scam variant where scammers would pose as buyers on Carousell and victims would be asked to key in their banking details on spoofed websites to facilitate payment or delivery. — Pay online photo created by jannoon028 - www.freepik.com

SINGAPORE: At least 352 victims have fallen prey to scams involving fake buyers on Carousell since November, with losses amounting to at least S$335,000 (RM1.08mil).

The police said on Dec 2 there has been an increase in the phishing scam variant where scammers would pose as buyers on Carousell and victims would be asked to key in their banking details on spoofed websites to facilitate payment or delivery.

“In this variant, scammers would approach victims on Carousell and express interest in items that the victims had listed on the platform,” said the police. “After agreeing to the sale of the items, the scammer would request for the victims’ contact details to receive a link to facilitate payment or delivery of the item.”

Victims would then receive an e-mail, SMS or WhatsApp message from the scammer with dubious URL links, like cutt.ly/31uXCDu or carousell.quick-funds.in/266780736, or QR codes.

Upon clicking on the links or scanning the QR codes, they would be redirected to a spoofed website to provide information like their Internet banking login credentials, bank card details or one-time passwords (OTP).

Victims would realise they had been scammed only when they find out unauthorised transactions had been made from their bank accounts or cards, said the police.

The police advised the public to always verify buyer’s profile on online marketplaces by checking the account’s verification status, creation date, reviews and ratings.

They also urged the public to verify URLs, noting that only domains that end with carousell.com or carousell.sg are Carousell domains while other links such as carousellpay.com, carousell.xxx.com, carousell-pay.com, carousell.pay-sg.com are not domains from the platform.

While Carousell sends OTPs via SMS, it does not send links that way, said the police.

“Carousell users are advised to be wary of buyers asking for an e-mail address or phone number on the pretext that these details are required for the buyer to make an order through Carousell Protection. Carousell does not ask for payment, order confirmation, or card details via external sites or email,” the police added.

For more information on differentiating genuine Carousell websites from phishing sites, spotting scam trends, or transacting safely on the platform, the police advised users to check with the platform’s help centre. – The Straits Times (Singapore)/Asia News Network

Article type: free
User access status:
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!

Scam

   

Next In Tech News

Opinion: Teens carry a threat to mental health in their pockets
Like Terminator’s T-1000, this robot liquefies before returning to its original form
This app offers travellers on the London Underground less-polluted routes
Find out if your personal data has fallen into the wrong hands online
FTX founder Bankman-Fried objects to tighter bail, says prosecutors 'sandbagged' him
As they enter a 4th generation, are foldable phones finally mature?
This free tool lets you extract text from images
Google Stadia is dead, but its controllers live on
Twitter says users will be able to appeal account suspension
New smart-home standard for Android and Google devices has arrived

Others Also Read