SINGAPORE - A 16-year-old boy was among six people charged in court on Wednesday after they allegedly took part in activities linked to money laundering involving banking-related phishing scams that used malware.
The teenager cannot be named as those below 18 are protected under the Children and Young Persons Act.
At the time of his alleged offences, he had accounts with four banks – UOB, OCBC, HSBC and Standard Chartered.
He is accused of giving his Internet banking log-in details linked to the accounts to unknown parties on four separate occasions in January and June 2023.
He is said to have engaged in a conspiracy with the unknown parties to gain unauthorised access to programs hosted on the servers of the banks’ Internet banking systems.
The teen, who faces four charges under the Computer Misuse Act, was among five people accused of taking part in money laundering activities linked to banking-related phishing scams involving malware that resulted in losses from the victims’ bank and Central Provident Fund (CPF) accounts.
The others are Allysha Qistina Zulkifli, 20; Kevis Toh Yong Heng, 24; Lim Qing Yang, 27; and Spencer Tng Wei, 29. They each face between one and five charges.
In a statement on Wednesday, the police said the five people were arrested between June 19 and 23 after officers received multiple reports about malware being used to compromise Android mobile devices.
Unauthorised transactions were then made from the victims’ bank and CPF accounts, even though they did not divulge information such as their Internet banking credentials to anyone.
The police added that between January and June 2023, there were more than 700 reports of malware-related scams and losses amounting to about $8 million.
Nine of these malware-related scams involved CPF savings and bank accounts, with losses amounting to at least $335,000.
The police then worked with banks to facilitate the swift freezing of accounts, leading to the recovery of more than $94,000.
The monies from the victims’ CPF accounts in these nine cases were withdrawn before the enhanced implementation of Singpass facial verification.
Mohamed Fazli Abdul Hamid, 42, who was allegedly involved in an unrelated case, was the sixth person charged on Wednesday.
He is accused of cheating and an offence under the Computer Misuse Act.
In a separate statement on Tuesday evening, the police said investigations revealed that Fazli had allegedly deceived a bank into opening an account.
He later handed over information such as the Internet-banking log-in password linked to his account to an unknown person who had offered him $500 in return for “renting” his bank account for two weeks, the police added.
The bank account was subsequently used to launder criminal proceeds amounting to more than $4,900.
The cases involving the six accused have been adjourned to August.
OCBC states on its website that malware is a type of malicious software used by cybercriminals to infect their target’s computers and mobile devices so as to perform criminal activities.
Once a device is infected, a cybercriminal may steal confidential data such as log-in credentials and use these details to conduct fraudulent money transfers from their victim’s account, the bank added.
