SINGAPORE: At least 85 people here have lost about S$237,000 (RM791,726) since January 2022 after falling victim to phishing scams involving purported emails from Singapore Post (SingPost) and the telco Singtel.

It comes amid a resurgence in scammers impersonating both firms and sending out emails with unrelated domains, said the police on Nov 3. The emails were embedded with fraudulent URL links which were designed to steal victims’ personal information.

In the case of the scam emails purportedly from Singtel, victims were told that their accounts faced billing issues due to missing information. They were instructed to click on the embedded link to renew their subscriptions.

In the SingPost scams, victims were notified that they had outstanding payments to make for parcel deliveries. They were directed to use the link to make payments.

However, police said these links redirected the victims to fraudulent websites which then tricked them into providing their personal information, including their account username and password, as well as credit or debit card details and their one-time passwords.

Victims only realised they had been scammed after they discovered unauthorised transactions made using their credit or debit cards.

The advisory comes just before a slew of end-of-the-year sales are rolled out online, including the 11.11 sale which falls on Nov 11.

Such sales are often promoted on ecommerce platforms. A report in January by data and analytics company GlobalData projected that ecommerce spending in Singapore would grow from S$7.8bil (RM26.05bil) in 2021 to S$14.2bil (RM47.42bil) in 2025.

This year, consumers in Singapore are projected to spend S$9.2bil (RM30.72bil) online.

The police advise members of the public to refrain from clicking on links in unsolicited emails from email addresses with suspicious domain names.

Instead, they should verify the authenticity of the information with the official website or other official sources.

They should also never disclose their personal information, credit card and bank details or passwords, including one-time passwords, to anyone else.

Police said they should report any fraudulent transactions made with their e-payment accounts to the relevant service providers immediately. – The Straits Times (Singapore)/Asia News Network