SINGAPORE: Seven people have been arrested for allegedly using the Immigration and Checkpoints Authority’s (ICA) e-service to illegally change other people’s registered home addresses.

In a statement on Tuesday (Jan 14), the police said the six men and a woman, aged between 19 and 32, are purportedly responsible for at least 30 of the cases of unauthorised attempts first announced by ICA on Jan 11.

ICA had said then that it suspended that online service temporarily after 80 unauthorised attempts to change the registered home addresses via the service were reported, with 75 per cent of them successful.

In an update later on Jan 14, ICA said that as at Jan 13, it found a total of 87 unauthorised attempts, 69 of which were successful.

Of these successful attempts, the culprits gained control of 17 Singpass accounts, said ICA.

The police said between Jan 11 and 13, more than 60 officers from the police’s Criminal Investigation Department and Police Intelligence Department mounted an islandwide operation to arrest the suspects.

Six are being investigated for offences under the Computer Misuse Act, for unlawful disclosure of access codes.

One is being investigated for the offence of unlawful disclosure of passwords or access codes in relation to Singpass under the same Act.

Some are also being investigated by ICA for alleged breaches under the National Registration Regulations, the police said.

It added that investigations to identify the other perpetrators are ongoing.

Those found guilty of the unauthorised disclosure of access codes can be jailed for up to three years, fined up to $10,000, or both, for first-time offenders.

Those found guilty of the unlawful disclosure of passwords or access codes in relation to a national digital identity service can get the same punishment.

ICA said in its Jan 14 update that it had resumed the service that allows the public to change their own address and implemented additional security measures.

Users must now perform face verification when logging in using their Singpass account.

The modules that allow individuals to change the addresses for others remain unavailable.

ICA said it is working on additional security measures to prevent abuse and to safely allow the change of address by a family member or a proxy.

ICA said it is contacting all 87 affected individuals to inform them of the attempted change to their registered addresses, and house visits were made to those uncontactable by phone.

For all 87 cases, ICA said it is facilitating a replacement of their identity card, and restoring their registered address in its database to their legitimate one.

The Singpass accounts linked to all 87 cases have been reset or suspended, it added.

ICA said it is working together with the Government Technology Agency (GovTech) to assist the 17 users whose Singpass accounts were compromised.

It added that the police and GovTech have been contacting relevant government agencies and private sector services – such as banks and telcos – that perpetrators might have accessed using the compromised Singpass accounts, to ensure that appropriate remedial or preventive actions are taken.

The police reminded the public that Singpass accounts are strictly for personal use and should not be disclosed to others.

It added: “To avoid being implicated in criminal activities, we should always reject seemingly easy and attractive money-making opportunities that promise fast payouts in exchange for the use of our Singpass account, bank accounts or other personal accounts.”

On Jan 11, ICA said the perpetrators used stolen or compromised Singpass accounts to change the residential addresses of the victims through the “Others” module, which allows the change of address by a proxy.

After keying in the victim’s NRIC number and its date of issue, a verification mailer would be sent to the registered address specified by the scammer, allowing him to access the mailer and confirm the change of address.

Pretending to be the victim, the scammer would ask for a new PIN to be sent to the address. This allows him to set a new password for the victim’s Singpass account and gain access to it.

ICA had said: “It is likely that the perpetrators are using stolen or compromised Singpass accounts and letter boxes of third parties to generate more mule accounts to use for scams and other cybercrimes.” - The Straits Times/ANN