Six men, aged 17 to 35, and an 18-year-old woman will be charged in court on 17 August 2023 for their suspected involvement in money laundering activities linked to banking-related phishing scam cases involving malware, which resulted in losses from victims’ bank accounts.
Between 7 June 2023 and 12 July 2023, the Police received several reports informing that malware was used to compromise Android mobile devices resulting in unauthorised transactions made from the victims’ bank accounts even though they did not divulge their Internet banking credentials, One-Time-Passwords (OTPs) or Singpass credentials to anyone. In these cases, the victims responded to advertisements (e.g., on cleaning services, pet grooming, food items such as seafood and groceries, etc.) on social media platforms like Facebook and were later instructed by the scammers to download Android Package Kit (or APK) from non-official app-store to facilitate the purchases, leading to malware being installed on the victims’ mobile devices. The scammers then convince the victims via phone calls or text messages to turn on accessibility services on their Android phones. Doing so weakens the phones’ security and allows the scammer to take full control of the phones. This means that the scammers can log every keystroke and steal banking credentials stored in the phones and allows the scammer to remotely log in to the victims’ banking apps, add money mules as payees, raise payment limits and transfer monies out to money mules. The scammers can further delete SMS and email notifications of the bank transfers to cover their tracks.
Through follow up investigations, officers from the Commercial Affairs Department arrested seven persons. Investigations revealed that the seven persons are suspected to be involved in the following cases of money laundering. The cases are:
- In May 2023, a 17-year-old teenager handed over his Internet banking credentials and ATM card to an unknown person who had offered him at least $400 in return for renting out his bank account. His bank account was subsequently used to launder proceeds of crime;
- Between May and June 2023, a 27-year-old man responded to an online advertisement on Telegram which offered him fast cash, and later agreed to disclose his Internet banking credentials as well as his wife’s Internet banking credentials to an unknown person. Their bank accounts were then used to launder criminal proceeds;
- In early June 2023, a 19-year-old man agreed to disclose his Singpass and Internet banking credentials to an online friend. His Singpass credentials were subsequently misused to open two bank accounts which were then used to launder criminal proceeds;
- In June 2023, an 18-year-old woman responded to an online investment scheme on Telegram which offered her at least $10,000 in return for using her two bank accounts. One of her bank accounts was then used to launder criminal proceeds;
- In June 2023, a 20-year-old man responded to an online advertisement on Telegram which offered him fast cash, and later agreed to disclose his Internet banking credentials to an unknown person. His bank accounts were then used to launder criminal proceeds; and
In July 2023, two men, aged 26 and 35, responded to online advertisements on Telegram which offered them fast cash, and later agreed to disclose their Internet banking credentials to unknown persons separately. Their bank accounts were then used to launder criminal proceeds.
For disclosing Singpass credentials, the offence under Section 8(2)(a) of the Computer Misuse Act 1993 carries an imprisonment term not exceeding three years or a fine not exceeding $10,000, or both, for a first-time offender.
For conspiring to cheat the bank into opening the bank accounts, the offence under Section 417 read with Section 109 of the Penal Code 1871 carries an imprisonment term not exceeding three years, a fine, or both. For abetting unknown persons to secure unauthorised access to the bank’s computer system, for a first-time offender, the offence under Section 3(1) read with Section 12 and Section 14 of the Computer Misuse Act 1993 carries a fine not exceeding $5,000, an imprisonment term not exceeding two years, or both.
The Police take a serious view of these offences and will not hesitate to take action against individuals who may be involved in scams, and perpetrators will be dealt with in accordance with the law. To avoid being an accomplice in these crimes, members of the public should always reject seemingly attractive money-making opportunities promising fast and easy pay-outs for the use of their Singpass accounts, bank accounts, or allow their personal bank accounts to be used to receive and transfer money for others. The Police would like to remind members of the public that individuals will be held accountable if they are found to be linked to such crimes.
For more information on scams, members of the public can visit www.scamalert.sg or call the Anti-Scam Hotline at 1800-722-6688. Anyone with information on such scams may call the Police Hotline at 1800-255-0000 or submit information online at www.police.gov.sg/iwitness. All information will be kept strictly confidential.
SINGAPORE POLICE FORCE
16 August 2023 @ 2:00 PM