Online mooncake scam: 27 people in S’pore lose RM1.11mil in a month


Victims would contact the mooncake sellers and be directed to make payment through WhatsApp, but would be given links that led to malware. — Unsplash

SINGAPORE: A new scam involving mooncake sales on social media platforms has cost at least 27 victims around S$325,000 (RM1.11mil) in August alone, said the police on Sept 5.

After contacting the “sellers” through social messaging platforms to place orders for mooncakes advertised on Facebook and Instagram, the victims were directed through WhatsApp to make payment. But the links, the police said, led victims to download an Android Package Kit (APK) file, an application created for Android’s operating system, containing malware.

In some cases, victims were instructed to make PayNow or bank transfers to buy the mooncakes.

The scammers would then inform victims that their orders had to be cancelled due to production or manpower issues, and direct them to the malicious links for “refunds”.

After the APK file was downloaded and installed, the scammers would gain remote access to the victims’ devices, letting them steal passwords and retrieve banking credentials.

Victims later discovered unauthorised transactions from their banking accounts.

The police advised the public to adopt precautionary measures such as adding the ScamShield app, enabling two-factor or multifactor authentication for bank apps and setting transaction limits on Internet banking transactions.

The police also advised the public to ensure their devices have updated antivirus/anti-malware applications installed and to disable “Install Unknown App” or “Unknown Sources” in their phone settings.

Members of the public should download and install applications from only official app stores, and be wary if asked to download unknown apps to purchase items or services on social media platforms.

The police urged the public to report any fraudulent transactions to their bank immediately and to inform the authorities, family and friends about scams.

If individuals suspect that their phone is infected with malware, they should turn their phone to “flight mode”, run an antivirus scan on their phone, check their bank accounts for any unauthorised transactions using other devices, report it to the bank and relevant authorities, and lodge a police report. – The Straits Times (Singapore)/Asia News Network

Scam

   

Next In Tech News

Former BP boss Looney to chair US data company Prometheus Hyperscale
Indian regulator rejects Apple request to put antitrust report on hold
Share too much info on social media and risk being hacked, warns MCMC
What is Bluesky and why are people leaving X to sign up?
Opinion: Messages can gobble up storage space
ChatGPT writes better poetry than Shakespeare, most people think
Game review: Help the sleeping Smurfs wake up from Gargamel's spell
TikTok CEO sought Musk's input ahead of Trump administration, WSJ reports
How 'CoComelon' became a mass media juggernaut for preschoolers
Evolution of smartphone damage: From drips to drops

Others Also Read