The Police have observed a new scam variant of scams involving the sale of mooncakes on social media platforms (i.e. Facebook and Instagram). In August 2023, at least 27 victims have fallen prey, with total losses amounting to at least $325,000.
In these cases, victims would come across advertisements on Facebook and Instagram for the sale of mooncakes where buyers would contact the “sellers” via the social messaging platforms to place orders. The scammers would then engage victims on WhatsApp and direct them to malicious links to purchase the items and/or make payment. These malicious links will lead victims to download an Android Package Kit (APK) file, an application (app) created for Android’s operating system, that contains malware. In some cases, victims were first instructed to make PayNow/bank transfers for the purchase of mooncakes. Thereafter, the scammers would inform victims that their orders had to be cancelled due to production or manpower issues. In order to get their refunds, the victims would then be directed to the malicious links to download an APK file.
After downloading and installing the APK file (which includes granting the app accessibility services), the scammers will be able to access the victim’s device remotely to steal passwords and the malware with keylogging capabilities would retrieve the victim’s banking credentials. Subsequently, victims discovered unauthorised transactions from their banking accounts.
The Police would like to remind members of the public of the danger of downloading apps from third-party or dubious sites. Members of the public are advised to adopt the following precautionary measures:
- ADD - ScamShield App and set security features (e.g., enable two-factor (2FA) or multifactor authentication for banks and set transaction limits on internet banking transactions, including PayNow). Ensure that your devices are installed with updated anti-virus/anti-malware applications and your devices’ operating systems and applications are updated regularly to be protected by the latest security patches. Disable “Install Unknown App” or “Unknown Sources” in your phone settings and do not grant permission to persistent pop-ups that request for access to your device’s hardware or data.
- CHECK - For scam signs with official sources (e.g. ScamShield WhatsApp bot @ https://go.gov.sg/scamshield-bot, call the Anti-Scam Helpline on 1800-722-6688, or visit www.scamalert.sg). Only download and install applications from official app stores (i.e., Google Play Store for Android). Be wary if asked to download unknown apps in order to purchase items or services on social media platforms. Check the developer information on the app listing as well as the number of downloads and user reviews to ensure it is reputable and legitimate.
- TELL - Authorities, family, and friends about scams. Report the number to WhatsApp to initiate in-app blocking and report any fraudulent transactions to your bank immediately.
If you have already downloaded and installed the app (which includes granting the app accessibility services) or suspect that your phone is infected with malware, please take the following steps:
- Turn your phone to “flight mode”. Check that Wi-Fi is switched off and do not switch it on.
- Run an anti-virus scan on your phone.
- Check your bank account/Singpass/CPF etc for any unauthorised transaction(s) using other device(s).
- If there are unauthorised transaction(s), report to the bank, relevant authorities, and lodge a Police report.
- After completing steps a-c, if you believe that your phone has not been infected with malware, you may resume usage of your phone. As a further precaution, you may consider doing a “factory reset” of your phone and changing important passwords.
If you have any information relating to such crimes or if you are in doubt, please call the Police Hotline at 1800-255-0000, or submit it online at www.police.gov.sg/iwitness. All information will be kept strictly confidential. If you require urgent Police assistance, please dial ‘999’.
For more information on scams, members of the public can visit www.scamalert.sg or call the Anti-Scam Helpline at 1800-722-6688. Fighting scams is a community effort. Together, we can ACT Against Scams to safeguard our community!
Annex A
Screenshots of the fraudulent Facebook advertisement ▼
SINGAPORE POLICE FORCE
05 September 2023 @ 5:00 PM