Singapore Police warn public of resurgence in fake buyer phishing scams on Carousell and Facebook

SINGAPORE: The Singapore Police Force has issued a warning to the public regarding a recent surge in fake buyer phishing scams targeting users of popular online platforms Carousell and Facebook.

Since December 2023, at least 132 individuals have fallen victim to these scams, resulting in a staggering total loss of over S$314,000 (approximately US$236,115).

In this type of scam, perpetrators masquerade as interested buyers and approach victims through in-app messaging on Carousell or Facebook.

After expressing interest in items listed by the victims, scammers proceed to finalize the sale.

However, the unsuspecting victims later receive a malicious URL link or QR code via email, in-app messaging, or WhatsApp under the guise of facilitating payment or covering courier services like Lalamove for item delivery.

Once victims click on the provided links or scan the QR codes, they are redirected to a spoofed website where scammers deceitfully prompt them to input sensitive information such as internet banking login credentials, credit card details, and One-Time Passwords (OTPs).

The realization will dawn on victims only when they discover unauthorized transactions made from their bank accounts or credit cards.

The police are encouraging the public to take preventive steps to shield themselves from potential scams, including utilizing the ScamShield App and activating security features like transaction limits for Internet banking, along with implementing two-factor authentication.

Furthermore, individuals are urged to promptly report any dubious users and fraudulent transactions on online marketplaces to the relevant e-commerce platform.

It is also recommended to inform authorities, family, and friends about scams to enhance awareness.

Emphasizing the significance of remaining well-informed and vigilant, the police stress the importance of adopting these precautionary measures to prevent falling victim to phishing scams.

In addition, the public is advised to scrutinize for signs of scams through official channels such as the Anti-Scam Helpline or the Scam Alert website.

Scam-related losses in Singapore hit S$2 billion over 3-year period

In early November, a Singaporean woman fell victim to an online scam after clicking a Facebook link.

The scammer siphoned S$80,000 (approximately US$58,797) from her account,  leaving her with a mere 24 cents.

To compound matters, the scammer possibly infiltrated her phone, deftly disabling transfer notifications.

Between January 2020 and June 2023, victims in Singapore suffered approximately S$2 billion in losses due to scams.

Globally, scammers were estimated to have stolen around US$1.02 trillion from August 2022 to August 2023, as reported by a study conducted by the Global Anti-Scam Alliance and ScamAdviser, a data service provider.

On 25 October, the Monetary Authority of Singapore and IMDA proposed the Shared Responsibility Framework to address losses resulting from scams and allocate responsibility among financial institutions, telcos, and consumers.

The framework mandates that financial institutions and telcos failing in their responsibilities will be required to reimburse victims of specific phishing scams.

Negligence, such as banks’ failure to send outgoing transaction alerts or telcos’ lack of implementation of scam filters for SMSes, are areas outlined within this framework.

Separately, The Central Provident Fund (CPF) announced on Monday a default online withdrawal limit of S$2,000 (approximately US$1,490) per day will be enforced for all CPF members aged 55 and above in Singapore.

This measure aims to enhance the protection of Central Provident Fund (CPF) members against potential scams.