Skip to main
Toggle notifications



    1800 255 0000
  • I-Witness

Police Advisory On Resurgence Of Phishing Scams Involving Malware To Steal Banking Credentials

The Police would like to alert members of the public on the resurgence of phishing scams involving malware installed on victims’ Android phones, with the malware being used to steal banking credentials. Since March 2023, at least 113 victims have fallen prey, with total losses amounting to at least $445,000.

Members of the public would come across advertisements for home services (e.g., cleaning, hiring maid, pet grooming) or sale of food items (e.g., durians) via social media messaging platforms like Facebook and Instagram on their Android mobile devices. Victims would contact the scammers via the social messaging platforms or WhatsApp and the scammers would send a uniform resource locator (URL) to the victims. The scammers would inform the victims to download the application found at the URL in order to book the services or purchase the food items, and to make payment.

Victims would be directed to fake internet banking login sites to key in their i-banking credentials and/or credit card or debit card information, to make payment within the application. Unknown to the victims, the application would contain malware that would redirect the victim’s banking credentials and SMS OTPs from the victims’ phones to the scammers. These would be used by scammers to access and make unauthorised transactions in the Android phone’s i-banking app. The victim would only realise that they had been scammed when they discovered unauthorised transactions made to their bank accounts or charges to their credit/debit card.

The Police would like to remind members of the public of the dangers of downloading applications from third-party or dubious sites that can lead to malware being installed on victims’ mobile phones, computers, and other Information Communications Technology (ICT) devices. Scammers will trick victims into installing malware-infected applications that are outside the app store. Members of the public are advised not to download any suspicious Android Package Kit (APK) files on their devices as they may contain phishing malware.

The Police would also like to advise members of the public to adopt the following precautionary measures:

  1. ADD - ScamShield App and set security features (e.g., enable two-factor (2FA) or multifactor authentication for banks and set transaction limits on internet banking transactions). Ensure that your devices are installed with updated anti-virus/anti-malware applications and your devices’ operating systems and applications are updated regularly to be protected by the latest security patches. Disable “Install Unknown App” or “Unknown Sources” in your phone settings.

  2. CHECK - For scam signs and with official sources (e.g., visit  or call the Anti-Scam Helpline at 1800-722-6688). Only download and install applications from official app stores (i.e., Google Play Store for Android). As an added precaution, check the developer information on the application listing as well as the number of downloads and user reviews to ensure it is a reputable and legitimate application. Always exercise caution when clicking on advertisements embedded within applications that lead to a third-party website that prompts download of files. Do not grant permission to persistent pop-ups that request for access to your device’s hardware or data.

  3. TELL - Authorities, family, and friends about scams. Report any fraudulent transactions to your bank immediately.

If you have any information relating to such crimes or if you are in doubt, please call the Police Hotline at 1800-255-0000, or submit it online at All information will be kept strictly confidential. If you require urgent Police assistance, please dial ‘999’.

For more information on scams, members of the public can visit or call the Anti-Scam Helpline at 1800-722-6688. To find out more about malware and the preventive steps that users can take to protect their devices, please refer to CSA's SingCERT advisory at https:// Fighting scams is a community effort. Together, we can ACT Against Scams to safeguard our community!

Annex A

Examples of Disabling “Install Unknown App” or “Unknown Sources” in Settings 


Victims chanced upon the sale of durians on social media platforms and were later told to download an app purportedly containing malware 


Conversation between the scammer and the victim 


After clicking on the URL, victims would be asked to download an application (APK file) offered outside the app store 


After downloading the app, the victim would be directed to fake Banking Login sites and be prompted to make payment 



13 April 2023 @ 9:20 PM
Hover to toggle social media icons SHARE
Hover to toggle social media icons SHARE