11 Persons Arrested For Suspected Involvement In Banking-Related Malware Scam Cases

/in


A total of eight men and two women, aged between 17 and 57, and a 16-year-old teenager have been arrested for their suspected involvement in the recent spate of banking-related malware scam cases. Another five men and a woman, aged between 21 and 41, are assisting in the investigations, following an island-wide anti-scam enforcement operations conducted between 11 and 22 September 2023.

Over the course of two weeks, officers from Commercial Affairs Department (CAD) and Police Intelligence Department (PID) mounted simultaneous island-wide operations and arrested the 11 persons. Preliminary investigations revealed that seven men and two women, and the teenager, had allegedly facilitated the scam cases by relinquishing their bank accounts, Internet banking credentials and/or disclosing Singpass credentials for monetary gains. A 28-year-old man is believed to have withdrawn money from his bank account and handed the money to an unknown person.

Since January 2023, the Police have received increasing number of reports of malware being used to compromise Android mobile devices, resulting in unauthorised transactions made from the victims’ bank accounts, even when they have not divulged their Internet banking credentials, One-Time-Passwords (OTPs) or Singpass credentials to anyone. In these cases, the victims responded to advertisements (e.g., on cleaning services, pet grooming, food items such as seafood and groceries, etc.) on social media platforms like Facebook. They were then instructed by the scammers to download Android Package Kit (APK) from non-official app stores to facilitate the purchase, which led to malware being installed on their mobile devices. Subsequently, the scammers convinced the victims via phone calls or text messages to turn on accessibility services on their Android phones. This weakened the phones’ security, allowing scammers to take full control of the victims’ phones. As a result, the scammers could log every keystroke, steal banking credentials stored on the phones, remotely log access victims’ banking apps, add money mules as payees, raise payment limits and transfer money to money mules. The scammers can further delete…

Source…