Carousell, banks take steps to tackle spike in phishing scams

Carousell said its in-app warnings will provide users with a moment to step back and think twice before exiting the platform. PHOTO: CAROUSELL

SINGAPORE – To tackle the recent increase in the number of phishing scams, online marketplace Carousell is suspending fraudulent accounts and has introduced a mandatory warning page on its mobile application.

The warning appears when users receive non-Carousell links that may be unsafe.

It is to remind them that the online marketplace would never ask for payment, card and bank details via an external site or an e-mail address.

In December 2022, about $1 million was lost by at least 1,115 victims to phishing scams involving fake buyers on Carousell.

This amount exceeded the $938,000 lost by at least 975 victims on the platform between January and November 2022, the police said on Sunday.

To protect consumers against such scams, the Association of Banks in Singapore (ABS) said banks will be implementing measures to thwart scammers, which may also result in delays in transactions.

Responding to queries from The Straits Times, Mrs Ong-Ang Ai Boon, director of ABS, said: “We advise customers to be on heightened alert amid widespread phishing scams. Due to operational sensitivities, we are unable to reveal more details on the measures.”

In its response on Sunday, Carousell said its in-app warnings will provide users with a moment to step back and think twice before exiting the platform.

It added: “We have been working closely with the Singapore Police Force to clamp down on the recent phishing cases, taking action swiftly to suspend fraudulent accounts from our marketplace.”

Carousell also educates users about phishing scams through in-app banners and articles on scam trends, and warns users against continuing their chats across other messaging platforms as scammers could do so to try to avoid detection.

On Sunday, the police said investigations revealed that a significant proportion of the reports lodged involved unauthorised overseas PayNow transfers.

“This is a troubling trend because once money is moved overseas, the chances of recovery are very slim,” they added.

Victims who were cheated in this scam reported being contacted by fake buyers who sent them a link to a website, claiming it was to facilitate payment for, or delivery of, the items on sale.

However, the link led to a spoofed website, and victims ended up revealing their Internet banking log-in details, bank card details or one-time passwords (OTPs), which the scammers used to make unauthorised transactions.

The police said in an advisory last week: “Carousell does not send links via SMS and would send only OTPs via SMS. This OTP should be keyed only into the Carousell application or webpage.”

Join ST's WhatsApp Channel and get the latest news and must-reads.