The Police would like to remind members of the public to remain vigilant against malware scams where victims are deceived into installing malicious applications on their devices. Since February 2025, at least 128 cases were reported, with total losses amounting to at least $2.4million.
In this variant, victims would come across Facebook or Tiktok advertisements for various goods and services and would leave their contact details to indicate their interest. Scammers would then contact victims through WhatsApp messaging and request for a token sum as membership fee payment or an upfront deposit, to be made through a URL link. After entering the payment website and keying in their credit or debit card details or iBanking login credentials, victims would encounter payment issues.
To resolve their payment issues, scammers would then deceive victims into downloading a malicious application, in an Android Package Kit (APK) file format, sent through WhatsApp. The malware would allow scammers to remotely access victims’ devices to steal sensitive information such as SMS OTPs when the victims attempt to make payment for the membership fee or deposit. With the phished credit or debit card details and access to SMS OTPs, scammers would then perform subsequent unauthorised card transactions either from victims’ mobile device or their own.
In some cases, before downloading the malicious APK file, victims would also be guided to disable Google Play Protect that helps to prevent harmful downloads. Once Google Play Protect is disabled, victims would not receive alerts that there is malware introduced into their mobile phones. Victims may also be asked to download Virtual Private Network (VPN) applications from Google Play Store which would facilitate scammers’ connection to their Android device. Scammers would then be able to bypass the banking anti-malware measures and remotely access the victims’ banking accounts with the phished ibanking login credentials.
Members of the public are encouraged to adopt the following precautionary measures:
- ADD – Add the ScamShield application to block scam calls and SMSes. Add anti-virus applications and ensure that these applications are updated to scan for the latest malware. Visit www.csa.gov.sg for more information on the recommended list of anti-virus applications. Enable Google Play protect on your device. Disable “Install Unknown App” or “Unknown Sources” in your phone settings and do not grant permission to persistent pop-ups that request for access to your device’s hardware or data.
- CHECK – Check for scam signs with official sources. Call and check with the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam. You can check the legitimacy of suspicious messages, phone numbers and website links via the ScamShield application. Only download and install applications from official app stores (eg. Google Play Store). Be wary if you are asked to disable Google Play Protect or download unknown applications.
- TELL – Tell the authorities, family, and friends about scams. Report and block suspected scam accounts/chat groups. Report any fraudulent transactions to your bank immediately.
If you have already downloaded and installed the application, or suspect that your phone is infected with malware, please take the following steps:
- Turn your phone to “flight mode”. Check that Wi-Fi is switched off and do not switch it on.
- Run an anti-virus scan on your phone.
- Check your bank account/Singpass/CPF etc. for any unauthorised transaction(s) using other device(s).
- If there are unauthorised transaction(s), report to the bank, relevant authorities, and lodge a Police report. Continue to keep your phone in “flight mode” and do not do a factory reset before
- reporting the incident to the Police as this could hinder investigations.
- After completing steps a-c, if you believe that your phone has not been infected with malware, you may resume usage of your phone. As a further precaution, you may consider doing a “factory
- reset” of your phone and changing important passwords.
For more information on scams, members of the public can visit www.scamshield.gov.sg. Fighting scams is a community effort. Together, we can ACT Against Scams to safeguard our community!
SINGAPORE POLICE FORCE
17 April 2025 @ 7:30 PM