6 teens among 18 arrested for alleged involvement in bank malware scams
Sign up now: Get ST's newsletters delivered to your inbox
The suspects were nabbed during an islandwide operation over two weeks.
PHOTO: SINGAPORE POLICE FORCE
Follow topic:
SINGAPORE – Eighteen people, a third of whom are teenagers, were arrested for suspected involvement in a recent spate of banking-related malware scams.
The suspects – 16 men and two women – are between the ages of 16 and 47, said the police on Saturday. They were nabbed during an islandwide operation over two weeks conducted by officers from the Commercial Affairs Department and Police Intelligence Department.
Another eight men and five women, aged between 16 and 55, are assisting in the investigations.
Preliminary investigations revealed that 13 men and two women had allegedly facilitated the scams by handing over their bank accounts, Internet banking credentials and/or disclosing their Singpass credentials for money.
A 45-year-old man is believed to have withdrawn money from a money mule’s bank account and handed it to an unknown person.
Preliminary investigations also revealed that a 47-year-old man had allegedly received and withdrawn some criminal proceeds from his bank account, and a 17-year-old male teenager is said to have helped his friends sell their bank accounts to an unknown person on the Telegram messaging app.
Since January, the police have received more reports of malware being used to compromise Android mobile devices even when victims had not disclosed their Internet banking credentials, one-time-passwords or Singpass credentials to anyone. This resulted in unauthorised transactions being made from the victims’ bank accounts.
The victims responded to advertisements for cleaning services, pet grooming, food items and groceries on social media platforms like Facebook.
They were instructed by the scammers to download an Android package kit from non-official app stores so that they can make their purchases, which led to malware being installed on their mobile devices.
The scammers then convinced the victims via phone calls or text messages to turn on accessibility services on their phones, weakening the phones’ security and allowing scammers to take full control of the phones.
As a result, the scammers could watch every keystroke the victims typed, steal banking credentials stored on the phones, remotely log access to victims’ banking apps, add money mules as payees, raise payment limits and transfer money to the mules.
The scammers could also delete text messages and e-mail notifications related to these bank transfers to cover their tracks, the police warned.
Police investigations are ongoing.
The offence of acquiring benefits from criminal conduct carries a jail term of up to 10 years, a fine of up to $500,000, or both.
The offence of cheating carries a jail term of up to three years, a fine, or both.
For disclosing their Singpass credentials, offenders are liable to a jail term of up to three years, a fine of up to $10,000, or both.
The police advised the public against downloading applications from third-party or dubious sites that can lead to malware being installed on their phones, computers or other devices.
Such malware has resulted in confidential and sensitive data, such as banking credentials, being stolen.
“To avoid being an accomplice to crimes, members of the public should reject requests by others to use their bank accounts or mobile lines as they will be held accountable if these are found to be linked to unlawful activities,” said the police.
In September, 10 people, including three teenagers, were arrested over similar banking-related malware scams.
For more information on scams, the public can visit www.scamalert.sg
Anyone with information on such scams may call the police hotline on 1800-255-0000, or submit information online at www.police.gov.sg/iwitness
