Some users are allegedly breaking open their TraceTogether tokens, removing the battery and even swopping the QR code with that of another device.
But doing so is not only a crime, it also puts Singapore at risk.
In response to queries from The New Paper, a Smart Nation and Digital Government Group spokesman said it was aware of online forums where users claimed to have modified the token.
"Any deliberate or mischievous act to tamper the token is a criminal offence under the Computer Misuse Act," he said.
More than 400,000 tokens have been collected since distribution began last month.
The spokesman said TraceTogether has helped cut the time to identify close contacts from four days to less than two days. But tampering with the token can hamper contact tracing, he added.
On Oct 20, the multi-ministry task force tackling Covid-19 said checking in with TraceTogether will be mandatory at all public venues by end-December.
A thread on online forum HardwareZone on the same day discussed how to modify the tokens.
A user encouraged others to print QR codes from other tokens to stick on their own. The QR code, found on the back of the device, is unique to each token.
The thread, which has gained traction, with over 780 posts as at Monday, saw other users discussing how to block the Bluetooth signal to prevent it from working as intended.
Many of the users appeared to be against the use of the tokens.
Some people had raised concerns about location tracking and surveillance when the tokens were announced in June.
But the authorities have reassured the public that the tokens do not collect location data and are used only for contact tracing.
The Government Technology Agency also invited four experts to a teardown of the token in June to check the inner workings of the device.
One of them, Mr Roland Turner, the chief privacy officer for analytics company TrustSphere, told The New Paper that people should not be worried about using the token.
"TraceTogether keeps the information that it collects on the device until you are diagnosed, and purges anything more than 25 days old," he said. "This means more than 99.9 per cent of data collected never enters government hands."
Noting that the success of TraceTogether in fighting Covid-19 depends on people's cooperation, he added: "Like frequent hand washing, TraceTogether can gain widespread use and high effectiveness only if the population wants to do it.
"It is worth taking every feasible step to encourage this."
Lawyer Joshua Tong from Kalco Law said those who tamper with the tokens may run afoul of several laws.
"If there is physical damage or alterations to the tokens, one may be liable for an offence of mischief."
The offence carries a jail term of up to two years, a fine, or both.
If the mischief disrupts a public health service, one can be charged with mischief causing disruption to a key service, which carries a jail term of up to 10 years, a fine, or both.
Mr Tong said: "This is because the TraceTogether tokens provide a service... (that) is critical to maintaining public health by combating the pandemic."
Under the Computer Misuse Act, unauthorised access to computer material carries a jail term of up to two years, a fine of up to $5,000, or both.
Those who make unauthorised modifications to computer material can be jailed for up to three years, fined up to $10,000, or both.
Infectious disease specialist Leong Hoe Nam said those who tamper with the token are irresponsible and put others at risk.
He said: "Manipulating the token is akin to sabotaging your country. Why are they so thick-headed?"
