Enhanced international cooperation key to S’pore’s fight against scams: MHA

SINGAPORE – Enhancing international cooperation with law enforcement agencies to recover lost assets is one of the Republic’s two priorities in its fight against scams, said a Ministry of Home Affairs (MHA) representative in a panel discussion on Wednesday.

To bolster Singapore’s defence against emerging scam variants, the other part of the two-pronged focus is collaboration with local industry partners, including banks and technology firms.

Tech firms can help to limit access to malware variants and tools, while banks can help strengthen anti-malware controls and conduct fraud surveillance.

Speaking at the eighth edition of the Singapore International Cyber Week (SICW), Ms Leow Zhi Ting, deputy director, policy development and security, at MHA, said enhanced international cooperation is critical for Singapore.

The move will help facilitate asset recovery for victims, as well as to exchange information with Singapore’s overseas law enforcement counterparts.

“We recognise that scammers who target Singapore are mostly based overseas, therefore the Singapore Police conduct joint enforcement and investigation operations with their foreign law enforcement counterparts,” said Ms Leow.

“Our efforts to enforce and recover losses depend critically on this. Therefore, international cooperation is no longer an option, but it’s a necessity,” she added.

In 2022,

Singapore Police participated in a global operation

coordinated by Interpol to tackle cyber-enabled financial crimes such as scams, which saw about 1,000 suspects arrested.

Virtual assets worth more than US$129 million (S$172.8 million) were seized in the exercise, Operation Haechi III.

That same year, Singapore authorities worked with international agencies to take down 13 scam syndicates. More than 70 people based overseas, who were responsible for more than 280 cases, were arrested as a result.

Minister of State for Home Affairs Sun Xueling had previously said anti-scam outfits should be established in different countries to fight transnational scam syndicates.

These outfits can also work together to recover proceeds that have been transferred across borders, Ms Sun said at the Regional Anti-Scam Conference 2023 in June.

At SICW, MHA also pointed out malware as an emerging scam variant, with some 1,400 people having already fallen victim to malware scams from January to August in 2023.

More than $20 million were lost in these cases.

Malware scams start with victims being tricked into downloading malware onto their devices. This allows scammers to control the device remotely and perform unauthorised transactions without the victim knowing.

To fight the threat, the Government is collaborating with industry players, including technology firms and banks.

Said Ms Leow, a panellist for the scams and mobile security session: “We believe that we need to work with the industry to recalibrate between security, convenience and cost. This will require a mindset shift.”

She added: “We are quite happy that some of the industry players have stepped up and we hope that more can do so.”

In 2022, the Government’s collaboration with major banks at the anti-scam command of the police helped to freeze more than 16,700 bank accounts suspected to be involved in the scams and the recovery of more than $146 million.

Scam cases in Singapore have increased more than five times to 31,728 in 2022, from 6,234 cases in 2018.

From January 2018 to June 2023, scammers pocketed more than $2.2 billion from victims in Singapore.

Also on the panel were Mr Gert Auvaart, director of cyber security at Estonia’s National Cyber Security Centre; and Mr Andrew Elliot, director at Britain’s Department for Science, Innovation and Technology.

During a Q&A session, the panellists touched on the topic of sideloading, which has come under the spotlight as OCBC, DBS and UOB all introduced new security features in September restricting access to their apps when sideloaded apps are detected on a user’s phone.

Sideloading is a term used when users install software, especially an app, obtained from a third-party source rather than an official developer.

Despite the rising number of scam cases, some have criticised the banks’ move as making app access more inconvenient.

Mr Elliot said sideloading is also controversial from a security standpoint, especially from the UK’s experience during the Covid-19 pandemic.

Many contact-tracing apps used at the time were created in haste, as developers were responding to a global health crisis. Many apps were also not approved by app stores quickly enough.

“But then (developers) were offering these apps with instructions on how to sideload, including steps on how to disable all the security protections on your phone. Heavens forbid, we do not want to advise citizens to do that,” he said.

But a blanket ban on sideloading may not work.

Said Ms Leow: “Obviously, there will be legitimate reasons as to why people may need to sideload. I also think it’s not something that the Government ought to just decide on its own.”

“Ultimately, the outcome that we want is to prevent people from having malware in their phones. So we can find other ways of addressing the issue. I think that’s possible,” she added.