Four teens among 11 suspects nabbed in two-week islandwide anti-scam operations 2023.9.23……【Police】【Singapore,新加坡】A total of eight men and two women, aged between 17 and 57, and a 16-year-old teenager have been arrested for their suspected involvement in the recent spate of banking-related malware scam cases. Another five men and a woman, aged between 21 and 41, are assisting in the investigations, following an island-wide anti-scam enforcement operations conducted between 11 and 22 September 2023.
➤【新加坡】警方周六表示,因涉嫌参与一系列与银行相关的恶意软件诈骗而被捕的 11 人中有 4 名青少年。
这些青少年包括三男一女,年龄在 16 岁至 19 岁之间。另外七名嫌疑人,六男一女,年龄在 20 岁至 57 岁之间。
9月11日至22日,商业事务部和警察情报部在全岛范围内开展反诈骗行动后,他们被抓获。
另有五男一女,年龄介乎21岁至41岁,正在协助调查。
在两周的时间里,商业事务部 (CAD) 和警察情报部 (PID) 的官员在全岛范围内同时开展行动,逮捕了这 11 人。初步调查显示,七名男子和两名女子以及一名青少年据称通过放弃银行账户、网上银行凭证和/或披露 Singpass 凭证以获取金钱利益,为诈骗案件提供了便利。据信,一名 28 岁男子从自己的银行账户中提取了钱,并将钱交给了一名身份不明的人。
自 2023 年 1 月以来,警方收到越来越多的报告称,恶意软件被用来破坏 Android 移动设备,导致受害者的银行账户进行未经授权的交易,即使他们没有泄露其网上银行凭证、一次性密码(OTP) 或任何人的 Singpass 凭证。在这些案例中,受害者对 Facebook 等社交媒体平台上的广告(例如清洁服务、宠物美容、海鲜和杂货等食品)做出回应。然后,诈骗者指示他们从非官方应用商店下载 Android Package Kit (APK) 以方便购买,从而导致恶意软件安装在他们的移动设备上。随后,诈骗者通过电话或短信说服受害者打开 Android 手机上的无障碍服务。这削弱了手机的安全性,使诈骗者能够完全控制受害者的手机。因此,诈骗者可以记录每次击键,窃取手机上存储的银行凭证,远程登录受害者的银行应用程序,将钱骡添加为收款人,提高支付限额并将资金转移给钱骡。诈骗者还可以进一步删除与这些银行转账相关的短信和电子邮件通知,以掩盖他们的踪迹。
警方调查正在进行中。根据《1992 年腐败、毒品贩运和其他严重犯罪(没收利益)法》第 54(5)(a) 条,从犯罪行为中获取利益的犯罪行为可判处最高 10 年监禁,最高罚款 500,000 美元, 或两者。

11 PERSONS ARRESTED FOR SUSPECTED INVOLVEMENT IN BANKING-RELATED MALWARE SCAM CASES

A total of eight men and two women, aged between 17 and 57, and a 16-year-old teenager have been arrested for their suspected involvement in the recent spate of banking-related malware scam cases. Another five men and a woman, aged between 21 and 41, are assisting in the investigations, following an island-wide anti-scam enforcement operations conducted between 11 and 22 September 2023.

Over the course of two weeks, officers from Commercial Affairs Department (CAD) and Police Intelligence Department (PID) mounted simultaneous island-wide operations and arrested the 11 persons. Preliminary investigations revealed that seven men and two women, and the teenager, had allegedly facilitated the scam cases by relinquishing their bank accounts, Internet banking credentials and/or disclosing Singpass credentials for monetary gains. A 28-year-old man is believed to have withdrawn money from his bank account and handed the money to an unknown person.

Since January 2023, the Police have received increasing number of reports of malware being used to compromise Android mobile devices, resulting in unauthorised transactions made from the victims’ bank accounts, even when they have not divulged their Internet banking credentials, One-Time-Passwords (OTPs) or Singpass credentials to anyone. In these cases, the victims responded to advertisements (e.g., on cleaning services, pet grooming, food items such as seafood and groceries, etc.) on social media platforms like Facebook. They were then instructed by the scammers to download Android Package Kit (APK) from non-official app stores to facilitate the purchase, which led to malware being installed on their mobile devices. Subsequently, the scammers convinced the victims via phone calls or text messages to turn on accessibility services on their Android phones. This weakened the phones’ security, allowing scammers to take full control of the victims’ phones. As a result, the scammers could log every keystroke, steal banking credentials stored on the phones, remotely log access victims’ banking apps, add money mules as payees, raise payment limits and transfer money to money mules. The scammers can further delete SMSes and email notifications related to these bank transfers to cover their tracks.

Police investigations are ongoing. The offence of acquiring benefits from criminal conduct under Section 54(5)(a) of the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act 1992, carries an imprisonment of up to 10 years, a fine of up to $500,000, or both. For deceiving the banks into opening bank accounts that were not meant for their own use and relinquishing their bank account login details, they are liable under Section 417 read with Section 109 of the Penal Code 1871 and Section 3(1) of the Computer Misuse Act 1993 respectively. The offence of cheating under Section 417 of the Penal Code 1871 carries an imprisonment term of up to three years, or with a fine, or both, while the offence under Section 3(1) of the Computer Misuse Act 1993 carries a fine of up to $5,000, or an imprisonment term of up to two years, or both. For disclosing their Singpass credentials under Section 8 of the Computer Misuse Act 1993, they are liable to an imprisonment term not exceeding three years, a fine of up to $10,000, or both.

Advisory Against Downloading of Malicious Apps

The Police would like to remind members of the public that they should not click on suspicious links, scan unknown QR codes, or download mobile apps from third-party websites or unknown sources. These unverified apps may contain malware, which can severely compromise the security of mobile devices. Instead, members of the public are reminded to only download apps from official app stores. Before downloading any app, check the number of downloads and user reviews. Always be wary of any requests for Singpass and banking credentials or money transfers and attractive offers that sound too good to be true. Lastly, members of the public are advised to turn on security settings, such as disallowing installation of apps from unknown sources, to help protect their devices.

The Police will spare no effort to track down cybercriminals responsible for banking-related malware incidents and will continue to take tough enforcement actions against those who flout the law. To avoid being an accomplice in these crimes, members of the public should always reject seemingly attractive money-making opportunities promising fast and easy pay-outs for the use of their Singpass accounts, bank accounts, or for allowing their personal bank accounts to be used to receive and transfer money for others. The Police would like to remind members of the public that individuals will be held accountable if they are found to be linked to such crimes.

For more information on scams, members of the public can visit www.scamalert.sg or call the Anti-Scam Helpline at 1800-722-6688. Anyone with information on such scams may call the Police Hotline at 1800-255-0000 or submit information online at www.police.gov.sg/iwitness. All information will be kept strictly confidential.

PUBLIC AFFAIRS DEPARTMENT
SINGAPORE POLICE FORCE
23 September 2023 @ 2:25 PM


Four teens among 11 suspects nabbed in two-week islandwide anti-scam operations

The 11 suspects were nabbed following islandwide anti-scam operations from Sept 11 to 22. PHOTO: SINGAPORE POLICE FORCE

UPDATED 2023年9月23日 下午5:39 SGT

SINGAPORE – Four teenagers were among 11 people arrested for their alleged involvement in a spate of banking-related malware scams, the police said on Saturday.

The teenagers, three male and one female, are aged between 16 and 19. The other seven suspects, six men and one woman, are aged between 20 and 57.

They were nabbed following islandwide anti-scam operations by the Commercial Affairs Department and Police Intelligence Department from Sept 11 to 22.

Another five men and a woman, aged between 21 and 41, are assisting with investigations.

The police said that the 10 people, including the four teenagers, had allegedly facilitated the scam cases by relinquishing their bank accounts, Internet banking credentials and Singpass credentials for monetary gains.

One of the suspects, a 28-year-old, is believed to have withdrawn money from his bank account and handed the money to an unknown person, the police added.

Since January, the police has received an increasing number of reports of unauthorised bank transactions made after victim’s mobile devices were compromised by malware. This was even when the victims did not share their Internet banking credentials, One-Time Passwords or OTPs, or Singpass credentials to anyone.

From January to June, 22,339 scam cases were reported, a 64.5 per cent increase from the 13,576 cases during the same period last year.

However, the total amount victims lost in the first half of this year dipped slightly to $334.5 million, from $342.1 million during the same period last year.

The victims responded to advertisements on social media platforms like Facebook, and were duped into downloading an Android Package Kit from unofficial app stores, which led to malware being installed on their mobile devices.

Subsequently, the scammers convinced the victims via phone calls or text messages to turn on accessibility services on their Android phones, which weakened the phones’ security and allowed scammers to take full control of the victim’s phones.

Scammers could then take note of every keystroke, steal banking credentials stored on the phones, remotely log in and access victims’ banking apps, add money mules as payees, raise payment limits and transfer money to money mules.

The scammers could also delete SMSes and email notifications related to these bank transfers to cover their tracks.

Earlier this month, a woman who wanted to buy mooncakes online lost $76,000 after scammers took control of her phone through a third-party app and siphoned the money from her bank account.

Similarly, in August, a woman who placed an online order for grouper fillets lost over $44,000 after scammers took control of her Android phone and banking details remotely.

The police has advised the public against downloading apps from third-party websites or unknown sources, scan unknown QR codes, or clicking on suspicious links, as these could contain malware. They also advise the public to download apps only from official app stores and to be wary of requests for Singpass and banking credentials or money transfers.

The public can also turn on security settings that disallow the installation of apps from unknown sources.

People should reject attractive money-making opportunities that involve the use of their Singpass accounts or bank accounts for illegal activities, they added.

For more information on scams, the public can visit www.scamalert.sg or call the anti-scam helpline on 1800-722-6688.

Anyone with information on such scams may call the police hotline on 1800-255-0000, or submit information online at www.police.gov.sg/iwitness.

评论

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注