SINGAPORE – In a swift crackdown on cybercrime, authorities have detained five individuals—four men and one woman, aged between 18 and 46—for their suspected roles in a disturbing wave of banking-related malware scams.

Shocking statistics reveal that these malware scams cost unsuspecting victims a staggering $295,000 in the first half of 2024 alone, compared to $9.1 million during the same period in 2023. The data highlights an alarming trend in online scams, prompting law enforcement to take decisive action.

On September 20, the police announced that the arrests were made as part of a week-long, island-wide anti-scam enforcement operation.

This collaborative effort involved the Commercial Affairs Department, Bedok Police Division, and Clementi Police Division. Additionally, a 16-year-old boy and a 36-year-old man are currently assisting with ongoing investigations.

Preliminary inquiries have revealed alarming details.

Three of the suspects—aged 18, 19, and 21—are believed to have facilitated these scams by providing their bank account details, internet banking credentials, or Singpass information for financial gain. Meanwhile, a 32-year-old man and a 46-year-old woman allegedly received illegal proceeds in their bank accounts.

Authorities have reported an uptick in banking-related malware scams since August 30.

Many victims stumbled upon misleading advertisements on social media platforms like Facebook, promoting food sales. Clicking on these ads led them to communicate via WhatsApp with scammers who falsely posed as sellers.

The modus operandi of these fraudsters is chilling.

Scammers often engage their victims in video calls, where they instruct them to disable 'Google Play Protect,' a security feature designed to block harmful apps. Victims are then coaxed into downloading an Android Package Kit (APK) laden with malware, disguised as a means to track their orders or confirm purchases.

Once the malware is installed, scammers gain unauthorized access to the victim's phone.

This allows them to initiate fraudulent financial transactions. Disturbingly, victims often receive follow-up calls from individuals impersonating bank officials, who deceitfully warn them against reporting the fraud and promise to assist with their concerns instead. This tactic is often followed by calls from scammers claiming to be law enforcement officials like Interpol, alleging the victim’s involvement in money laundering schemes.

The consequences for those found guilty of facilitating these criminal activities can be severe.

Offenders face potential imprisonment of up to three years, hefty fines, or both. Furthermore, individuals who provide their bank credentials could incur fines of up to $5,000 and risks of incarceration for up to two years. Sharing Singpass credentials carries similar penalties, with potential prison time of three years.

In a bid to combat such scams, the Sentencing Advisory Panel has recommended stiffer sentences for those who allow scammers access to their accounts.

The police are also urging the public to exercise caution against downloading applications from unverified websites, as scammers can also misuse legitimate apps with remote access functionalities.

To safeguard public interests, banks may take proactive measures to block suspicious applications.

The police's alert serves as a poignant reminder: your next online transaction could expose you to threats—be vigilant!