BRANDED CONTENT
Stem the scams: Beware the bots to avoid being distraught
Scammers are upping their game by using generative artificial intelligence to sound real and convincing, raising the stakes on the already menacing prevalence of scams. Here’s what you should know
In Singapore, scams have overtaken many other types of physical crimes to form a significant proportion of overall crime.
PHOTO: GETTY IMAGES
Feng Zengkun, Content STudio
Follow topic:
You receive a convincing, well-crafted survey over WhatsApp, seemingly from a legit authority, with some money thrown in as a hook.
Would you bite?
If the answer is no, you would have reaped an even greater reward – saving your data from being stolen by yet another attempt by scammers.
Such a scam happened earlier this month, with scammers posing as Consumers Association of Singapore (Case) officers.
To supposedly receive a $13 monetary reward, victims had to complete a fake survey on improving the online shopping experience. It included a series of questions that collected personal information and shopping preferences.
Case was promptly alerted to the ongoing scam, and warned consumers through a public advisory on April 20.
Case says that the text messages sent via WhatsApp originated from foreign phone numbers.
PHOTO: CASE
Scams like this have risen at an alarming rate in recent years.
In February, the Singapore Police Force said in a Straits Times report that scams have overtaken many other types of physical crimes to form a significant proportion of overall crime.
Last year, there were 31,728 reported scams, a sharp spike from 23,933 cases in 2021. The victims lost $660.7 million, compared with $632 million in 2021.
The most common ruse was phishing scams, where scammers pretend to be officials, or other trusted entities, to trick victims into revealing their credit card details and bank account data.
Besides phishing scams, the rest of the top five types of scams last year were job scams, e-commerce scams, investment scams and fake friend call scams, say the police.
Using smart tools to fool
Scams are also becoming more sophisticated with the use of artificial intelligence (AI) tools – as was likely with the fake Case survey.
Cybersecurity experts said in a Straits Times report in March that while bad grammar and an aggressive tone used to be tell-tale signs of an email or text scam, more fraudsters are using generative AI chatbots, such as ChatGPT, to craft messages in official-sounding and near-perfect language.
Released in 2020, ChatGPT understands natural language and can generate human-like responses to a wide and complex range of user-supplied prompts.
ChatGPT rose to prominence in November last year. More recently, tech giants Google and Microsoft have released their own generative artificial intelligence chatbots.
PHOTO: GETTY IMAGES
US data management firm Pure Storage, which also develops cybersecurity solutions, has noticed an improvement in the text used in phishing scams.
Regional vice-president and chief technology officer Matt Oostveen, explained: “ChatGPT has a polite, bedside manner to the way it writes… It is probable that fraudsters are using these tools.”
Worryingly, the use of AI has gone beyond text and messages.
On April 20, an American father picked up a chilling call from a Mexico-based phone number and heard his daughter’s voice, claiming to have been kidnapped and held for ransom.
Speaking to US media outlet Fox 35 Orlando, the father recognised his daughter’s distinct voice. “When her voice cracks, there's a sound to it. There was no other explanation for it.”
Following the call, the quick-witted father immediately spoke to family members to confirm that his daughter was safe.
So, are we at the mercy of AI-generated scams? Mr Righard Zwienenberg, senior research fellow at Slovakia-based cybersecurity firm ESET, says otherwise, at least in the case of malicious emails.
“Grammatical errors may be a thing of the past, thanks to tools like ChatGPT. Still, fortunately, there are other warning signs to alert users to possible scams,” said Mr Zwienenberg.
He adds that recipients should be cautious when receiving e-mails with surprise pressure tactics, requests for personal information or offering gifts that are too good to be true.
By the numbers
- 7,097 cases
The number of phishing scams – the most common type – in 2022, up from 5,023 cases in 2021, revealed the Singapore Police Force in February this year. Phishing scams seek to deceive victims into revealing personal details and sensitive information.
- 207 per cent
The increase in fake friend call scams (where scammers call or text from an unknown number and pretend to be a friend or acquaintance to ask for money) reported to the police in 2022
- $198.3 million
The amount lost to investment scams in 2022, the most among all types of scams, according to police figures
- 8 out of 10
People who use public Wi-Fi but do not change their passwords regularly, which can make them vulnerable to cyber attacks, reveals a Singtel study in December last year
What you can do to protect yourself
So how do you stay ahead of increasingly sophisticated scammers – AI-enabled or otherwise?
Take proactive steps at the user, device and network levels, says local telco Singtel. Their Broadband Protect service, for example, automatically identifies and blocks malicious webpages, shielding any devices that are connected to their home Wi-Fi network.
For Singtel mobile customers, their Scam Call Protect blocks scam calls and text messages before these reach users. It currently blocks about 30 million scam calls and 20 million scam messages on average each month. This service is provided free with no sign-up required.
At the launch of Broadband Protect in February, Ms Anna Yip, chief executive officer of Singtel’s Singapore consumer business, said: “We are a key part of Singapore’s scam-fighting community, and are committed to delivering a secure network, and playing our role to develop new cybersecurity tools and strategies to protect our clients, so that they can enjoy the best that technology has to offer with peace of mind.”
In January, the National Crime Prevention Council (NCPC) launched the ACT anti-scam awareness campaign that outlines three actions for the public: Add security features, Check for signs, and Tell the authorities and others about the scam.
People should add security features such as two-factor authentication for their personal accounts, and set transaction limits for their internet banking, to limit the loss of funds if they are scammed.
The NCPC adds that asking questions, fact-checking requests for personal information and money transfers, and verifying the legitimacy of online listings and reviews are some of the other ways to check for scams.
If an online friend asks for personal or confidential information, or money, for instance, you should contact that friend through other channels such as a phone call to verify the request. Never share sensitive or personal information without verification.
Here’s a checklist to help you fight scams
While scam protection technology is evolving, user awareness and vigilance are key to identifying and deterring scams as a first line of defence. Here’s some advice from the National Crime Prevention Council.
- Do not click on web links in unsolicited emails and text messages
- Hang up immediately if callers cannot identify themselves properly, and always verify information or requests through official websites, apps or hotlines
- Never share your name, identification number, passport details, banking and credit card details, and other sensitive information to anyone without verification
- Remember that no government agencies will ask you for your personal details or bank transfers over the phone or through robocalls (automated voice machines)
- When shopping online, look for sellers with good ratings and reviews, and who have been with the site for some time
- Before making an investment, always check with a licensed financial adviser, and do a thorough check on the company and its representatives using resources such as the Financial Institutions Directory, Register of Representatives, and Investor Alert List, which can be found on the MAS website
- If you encounter a scam, report it by notifying the affected bank, through the National Crime Prevention Council’s ScamShield app, or by filing a police report. Also alert family members and friends
The NCPC’s advice: If something sounds too good to be true, it probably is untrue, and is a scam.
Take the time to slow down to think before responding to requests for money or personal information, and check with trusted others or official sources, says the NCPC.
Non-exclusive threat
Singapore Police Force statistics also show that anyone can fall for a scam, debunking the perception that only the elderly are more likely to be scammed. Seniors aged 60 and above made up just 8.8 per cent of the scam victims last year.
People aged 20 to 39 made up slightly more than half of the victims, at 53.5 per cent, split evenly between those aged 20 to 29 and those from 30 to 39 years old.
Commercial Affairs Department director David Chew said: “The people who are more connected in the digital (world), the people who deal with it day in and day out, and are more comfortable with clicking on links – they are all vulnerable.”
He adds: “We all think that it is the old, the young and the naive. But lawyers, doctors and professors (have all fallen prey to scams).
“No one is immune to scams. The thought that ‘it will not happen to me’ – that is the greatest challenge.”
Stay ahead of scams with Singtel’s 3-Step Approach. Learn more at singtel.com/secured
This was produced in partnership with Singtel
