Android malware scam resets phones, drains over US$7.3 million in first half of 2023

SINGAPORE: In the first half of this year, more than S$10 million (approximately US$ 7.31 million) vanished from the pockets of over 750 unsuspecting victims, all falling prey to a malware-driven scam.

This insidious scheme not only drained their bank accounts but also wiped their phones clean of data.

On Wednesday (20 Sep), the Singapore Police Force (SPF)  issued an advisory about a new variant of Android malware scams, where scammers would initiate a factory reset on infected devices after the malware executes unauthorised transactions on the phone’s i-banking app.

These victims initially reached out to various “service providers” advertising their offerings on social media platforms, which included food deliveries, home cleaning services, and pet grooming.

The fraudsters posing as these sellers would then send them a web link via messaging apps, urging them to download and install an Android application.

In a further violation of trust, the victims were prompted to grant the app permissions to access their phones.

Upon installation, victims were instructed to make a $5 deposit through PayNow for the services they sought. Little did they know that their internet banking credentials were being silently captured by the malware’s key-logging feature.

Subsequently, the scammers, after gaining unauthorized access to the victims’ banking apps on their phones, carried out illicit transactions. To erase any traces, they initiated factory resets on the devices, effectively wiping them clean.

It wasn’t until victims contacted their banks or reinstalled their banking apps that they discovered these unauthorized transactions.

To safeguard against such threats, authorities recommend taking precautionary measures, such as downloading the Scamshield app, enabling security features like two-factor (2FA) or multifactor authentication for banking, and setting transaction limits for internet banking.

For those suspecting their phones are infected, the following steps are advised:

1. Activate flight mode on the phone and ensure Wi-Fi is turned off.
2. Run an antivirus scan on the phone.
3. Use another device to review bank, Singpass, and CPF accounts for unauthorized transactions.
4. Report any unauthorized transactions to both the bank and the police.
5. As an added precaution, perform a factory reset of the phone and update crucial passwords.

Banks should fully reimburse scam victims, argues WP Chairman Sylvia Lim

Notably, In a compelling adjournment motion presented in Parliament on Monday (18 Sep), Workers’ Party (WP) chairman, Sylvia Lim, emphasized that banks should bear full responsibility for reimbursing victims of scams and malware fraud.

Ms Lim’s argument was rooted in her belief that the onus should be on banks to restore the financial stability of the victims, rather than burdening individuals to navigate the intricacies of the financial system to reclaim their lost assets.

In her poignant speech, Ms Lim stated, “Given the delay in the publication of this framework, many scam victims have been left without recourse under the Loss Sharing Framework by no fault of their own.”

This comment referred to the MAS’s earlier intentions of implementing a loss-sharing framework, highlighting the urgency of the situation.

In her speech, Sylvia Lim highlighted several critical points regarding the protection of vulnerable customers in banking transactions.

She called for added verification steps and longer waiting periods for transactions involving vulnerable clients, such as the elderly or mentally impaired individuals, due to their heightened risk.

Ms Lim also emphasized the importance of international benchmarks, like forthcoming UK legislation, in which banks bear the cost of reimbursing scam victims.

Furthermore, Ms Lim expressed concerns about how banks handle complaints from scam victims, including the inadequacy of goodwill payments and the use of one-sided non-disclosure agreements.

She pointed out the significant power imbalance between individual victims and banks and urged the Monetary Authority of Singapore (MAS) to play a more active role in regulating fairness in consumer disputes.

Ms Lim’s proposal to have banks shoulder full reimbursement responsibilities for scam victims faced opposition from Mr Alvin Tan, Minister of State for Trade and Industry.

Mr Tan argued for a balanced approach, stating that the government must strike a balance between fairness and accountability. He expressed concerns that full restitution without considering culpability could reduce vigilance and personal responsibility among users.

Mr Tan highlighted efforts made by the Monetary Authority of Singapore (MAS) to strengthen digital security in banks, including the introduction of multi-factor authentication measures.

Regarding digital security, Mr Tan stressed the importance of consumers actively protecting themselves.

“Even with enhanced security, scammers can still bypass the digital security measures. This is why every consumer has to play an important role by practising good cyber hygiene and being digitally diligent,” he explained.

Regarding the handling and investigation of customer disputes, Mr Tan confirmed MAS’s proactive approach.

He said, “In scam cases, banks must consider if they had fulfilled their obligations and whether the victim had acted responsibly. Customers who practised good cyber hygiene and were diligent in preventing their log-in information and one-time passwords from being divulged to third parties should not have to bear losses.”

For aggrieved customers dissatisfied with a bank’s goodwill gesture, he recommended exploring mediation and adjudication avenues with Fidrec or considering legal routes.

Addressing Ms. Lim’s proposal on the reintroduction of physical tokens, Mr. Tan conveyed that MAS is currently assessing the potential implications.

He assured, “MAS also continues to watch for developments in the digital payment tokens or cryptocurrency space, and we regularly review the adequacy and appropriateness of these regulations.”