Chinese callers phish personal information in new phone scam, one person loses over $100k

SINGAPORE - A new type of phone scam has emerged, where callers who claim to be telco employees tell victims that their mobile phone numbers were used for illegal activities, and proceed to phish personal information from them.

The Straits Times understands that more than 10 people have made police reports about such scams, beginning from last week, and that at least one person has lost more than $100,000.

The callers typically claim to be employees from telecommunication companies based in China or Singapore, the police said on Thursday (Aug 17).

When victims picked up the phone, they heard an automated voice message telling them in Mandarin that their phone lines would be terminated.

They were then told to press "1" to get further instructions from either Chinese police or a telco employee.

These "employees" would tell victims that a mobile phone number registered under their names had been used for illicit activities such as the operation of an online gambling website.

 
 

The Mandarin-speaking operator would then ask for the victim's personal information, such as his name, identification card number, nationality and contact number, under the guise of "resolving the matter".

It is yet unclear what the information is being used for.

The police advised the public to take the following precautions when receiving unsolicited calls, especially from strangers.

- Ignore the calls. The scammers may use Caller ID spoofing technology to mask the actual phone number and display a different number.  Calls that appear to be from a local number may not actually be made from Singapore. If you receive a suspicious call from a local number, hang up, wait five minutes, then call the number back to check the validity of the request.

- Do not follow the caller's instruction and do not give out personal information and bank details, whether on the website or to callers over the phone.  Personal information and bank details such as internet bank account usernames and passwords, OTP codes from tokens, are useful to criminals.