The Police has observed the re-emergence of social media impersonation scam. In the first six months of 2020, the Police received at least 1,175 reports of such scams, amounting to about at least $2.7 million, compared to only 83 cases in the same period in 2019. In the majority of these cases, victims were tricked into disclosing their credit card information and One-Time Password (OTP) to scammers.
Scammers would often use compromised or spoofed social media accounts to impersonate as the victims’ friends or followers on Facebook or Instagram. They would then ask the victims for their personal details such as mobile number, internet banking account details, and OTP on the pretext of helping them to sign up for fake contests or promotions on Grab, Lazada or Shopee. Victims would later discover that unauthorised fraudulent transactions had been made from their bank accounts and mobile wallets without their consent. These fraudulent transactions often occurred on online platforms selling game credits that could be used on a variety of online games.
Members of the public are advised to adopt the following crime prevention measures:
- Be wary of unexpected requests or offers from social media contacts, especially those related to lucky draws or contests.
- Verify whether the account is legitimate by checking with your family and friends offline.
- Never give out your personal or bank account details, and OTP to anyone, including family and friends.
For more information on scams, members of the public can visit www.scamalert.sg or call the Anti-Scam Hotline at 1800-722-6688. Anyone with information on such scams may call the Police hotline at 1800-255-0000 or submit information online at www.police.gov.sg/iwitness.
Case Study 1
On 10 August 2020, Carol, a 27-year-old financial advisor received an Instagram message from someone with a similar username and display photo of her friend, Jenny. ‘Jenny’ requested for Carol’s contact number as she claimed that she needed it to participate in a lucky draw organised by Grab. Not suspecting anything amiss, Carol gave ‘Jenny’ her contact number. Carol subsequently received a few OTPs from Grab and provided them to ‘Jenny’, who claimed that she needed to use the OTPs in the contest.
Subsequently, Carol recounted the incident and found it strange that ‘Jenny’ would contact her out of the blue and ask for her contact number. She contacted the actual Jenny by phone and found that she was earlier speaking to an imposter. By then, Carol realised that there were unauthorised transactions charged to her Grabpay account and S$160 was fraudulently used to purchase gaming credits on a Malaysian website.
Case Study 2
On 8 August 2020, Mary, a retiree, received a message on Facebook Messenger from someone whom she assumed to be her friend, ‘Rose’, as the party’s display photo was indeed Rose’s. ‘Rose’ claimed that the shopping platform Lazada was having an anniversary lucky draw and she had signed up for the contest using Mary’s name. However, she needed Mary’s credit card information to claim the prize. Mary did not suspect anything and provided the front and back images of her credit card to Rose over Messenger.
Subsequently, Mary received several OTPs in quick succession. She was asked by ‘Rose’ to provide all the OTPs over messenger and assured that this was necessary for the lucky draw. Despite having some doubts, Mary complied.
Suddenly, Mary received incoming SMSes from her bank notifying her that over S$11,000 were transacted on her credit card on the Lazada and Shopee platforms for online gaming credits such as Razer Gold and MOL points, which were later established to have been redeemed. Mary also received a phone call from the actual Rose who stated that her Facebook account was hacked and several of her friends received messages from a scammer impersonating her. That was when Mary realised that she was duped.
Source: Singapore Police Force