Online mooncake scam: 27 people in S’pore lose RM1.11mil in a month


Victims would contact the mooncake sellers and be directed to make payment through WhatsApp, but would be given links that led to malware. — Unsplash

SINGAPORE: A new scam involving mooncake sales on social media platforms has cost at least 27 victims around S$325,000 (RM1.11mil) in August alone, said the police on Sept 5.

After contacting the “sellers” through social messaging platforms to place orders for mooncakes advertised on Facebook and Instagram, the victims were directed through WhatsApp to make payment. But the links, the police said, led victims to download an Android Package Kit (APK) file, an application created for Android’s operating system, containing malware.

In some cases, victims were instructed to make PayNow or bank transfers to buy the mooncakes.

The scammers would then inform victims that their orders had to be cancelled due to production or manpower issues, and direct them to the malicious links for “refunds”.

After the APK file was downloaded and installed, the scammers would gain remote access to the victims’ devices, letting them steal passwords and retrieve banking credentials.

Victims later discovered unauthorised transactions from their banking accounts.

The police advised the public to adopt precautionary measures such as adding the ScamShield app, enabling two-factor or multifactor authentication for bank apps and setting transaction limits on Internet banking transactions.

The police also advised the public to ensure their devices have updated antivirus/anti-malware applications installed and to disable “Install Unknown App” or “Unknown Sources” in their phone settings.

Members of the public should download and install applications from only official app stores, and be wary if asked to download unknown apps to purchase items or services on social media platforms.

The police urged the public to report any fraudulent transactions to their bank immediately and to inform the authorities, family and friends about scams.

If individuals suspect that their phone is infected with malware, they should turn their phone to “flight mode”, run an antivirus scan on their phone, check their bank accounts for any unauthorised transactions using other devices, report it to the bank and relevant authorities, and lodge a police report. – The Straits Times (Singapore)/Asia News Network

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Scam

   

Next In Tech News

Tesla increases wages for staff at German gigafactory by 4%
Apple explores push into smart glasses with ‘Atlas’ user study
Japan's Kioxia sees flash memory demand almost tripling by 2028
Hacker gets into woman’s email, changes every password, tries to make purchases
Foxconn says Oct revenue +8.59% y/y, Q4 outlook good
Want to help a friend find love? Give a PowerPoint presentation
Can an Apple�Watch get AFib patients off bloodthinners?
South Korea fines Meta about $15 million over collection of user data
Ehailing service Bolt says it’s launching in Malaysia soon, already licensed by Apad
French IT firm Atos agrees to sell Worldgrid unit to Alten

Others Also Read