RM34.26mil lost in SG malware scam where victims’ banking credentials stolen by keylogger hidden in app


The victims had contacted the ‘sellers’ of various services advertised on social media platforms. — Photos: Singapore Police Force/The Straits Times/ANN

SINGAPORE: At least S$10mil (RM34.26mil) has been lost from over 750 victims in the first half of this year due to unauthorised banking transactions performed by a malware scam which also resets the victims’ phones.

These victims had contacted the “sellers” of various services such as food purchase, home cleaning or pet grooming advertised on social media platforms, police said on Sept 20.

The sellers would send them a Web link over messaging platforms to download and install an Android application, as well as grant the app certain permissions to access their phone.

Victims would then be instructed to transfer a deposit of S$5 via PayNow for the services they want.

As payment was made, the victims’ Internet banking credentials were stolen by the malware’s key-logging function.

After accessing the banking app on the victims’ phones and performing unauthorised transactions, the scammers would initiate a factory reset on the devices, which erases all user data and settings.

These transactions would be discovered by the victims only after they had called their banks or reinstalled the banking apps on their phones.

Singapore authorities advise people to take precautionary measures, such as downloading the Scamshield app and enabling security features such as two-factor (2FA) or multifactor authentication for banks, as well as setting transaction limits for Internet banking transactions.

Those who suspect that their phones are infected with malware should take the following steps:

  • Turn the phone to flight mode. Check that its WiFi is switched off and do not switch it on.
  • Run an antivirus scan on the phone.
  • Use another device to check bank, Singpass and CPF accounts for any unauthorised transactions.
  • Report any unauthorised transaction to the bank and police.
  • As a further precaution, users can do a factory reset of their phones and change important passwords. – The Straits Times (Singapore)/Asia News Network
Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Keystroke loggers , scam

   

Next In Tech News

Japan's antitrust watchdog to find Google violated law in search case, Nikkei reports
Is tech industry already on cusp of artificial intelligence slowdown?
What does watching all those videos do to kids' brains?
How the Swedish Dungeons & Dragons inspired 'Helldivers 2'
'The Mind Twisting Quadroids' review: Help needed conquering the galaxy
Albania bans TikTok for a year after killing of teenager
As TikTok runs out of options in the US, this billionaire has a plan to save it
Google offers to loosen search deals in US antitrust case remedy
Is Bluesky the new Twitter for teachers in the US?
'Metaphor: ReFantazio', 'Dragon Age', 'Astro Bot' and an indie wave lead the top video games of 2024

Others Also Read