SINGAPORE: A recurring tech support rip-off has duped at least 154 victims since January this 12 months with losses amounting to at least S$7.1 million, the authorities warned on Tuesday (Apr 26).
These scammers would method victims below the pretext of helping them to resolve laptop or Wi-Fi community points, stated the police and Cyber Security Agency of Singapore (CSA) in a joint information launch.
Victims would usually obtain a pop-up alert whereas utilizing an Internet browser on their laptop or an unsolicited cellphone name from people claiming to work for Internet service suppliers.
The pop-up alert would inform victims that their laptop has been compromised. The alert would additionally embrace directions for them to contact the software program supplier – equivalent to Microsoft – at a acknowledged quantity for help.
The quantity would often seem as variants of +653159(XXXX), main victims to consider that it was a sound native assist desk contact quantity.
Victims who referred to as the supplied quantity would communicate to scammers impersonating tech support personnel.
Scammers behind these unsolicited calls would declare to work for Internet Service Providers (ISPs) equivalent to Singtel.
The scammers would then point out that the victims’ Wi-Fi community had been compromised by hackers, they usually had been calling to help in resolving the problem.
In some situations, the scammers would declare that there have been fraudulent transactions made out of the victims’ checking account, and that an investigation officer purportedly from authorities businesses, such because the CSA or the police, was investigating the incident.
In such circumstances, the scammers may additionally ship faux verification emails from spoofed e-mail accounts to the victims.
REMOTE ACCESS APPLICATION
Following both methodology, the scammers would then request the victims to obtain a distant entry software, equivalent to Teamviewer, Ultraviewer, or AnyDesk.
Under the pretext of resolving the problem, the scammers would instruct the victims to log into their Internet banking account, and to present their credit score or debit card particulars and One-Time Password (OTP).
Following this, the scammers would utilise the distant entry software to switch funds from the victims’ financial institution accounts or make fraudulent fees to the victims’ credit score or debit card.
SCANNING SINGPASS QR CODE
In some situations, victims can be directed to scan a Singpass QR code on a phishing web site with their Singpass app, with scammers claiming that it was a part of the verification course of.
By scanning the QR code and authorising the transaction, the victims would unintentionally give the scammers entry to create cryptocurrency wallets with their particulars. These cryptocurrency wallets would later be utilized by scammers to facilitate the move of illicit proceeds.
The police and CSA reminded members of the general public that no telecommunications service supplier or authorities company will request for private particulars in addition to entry to on-line financial institution accounts over the cellphone or by way of automated voice machines.
They can even not request fee for companies rendered.
Anyone who believes they’ve fallen prey to such scams ought to take these fast steps:
- Uninstall any software program that you’ve got put in on the directions of the scammers.
- Log off and switch off your laptop to restrict any additional actions that the scammers can execute.
- Report the incident to your financial institution to halt additional actions relating to your financial institution accounts.
- Change your Internet banking credentials and take away any unauthorised payees who could have been added to your financial institution accounts.
- Report the matter to the police.
Members of the general public are additionally inspired undertake these preventive measures:
- Ignore such calls and the caller’s directions. The “+” signal prefix signifies that it’s a world incoming name. Domestic calls is not going to show the this prefix.
- Do not panic and don’t comply with directions to set up purposes, sort instructions into your laptop or log into your Internet banking accounts.
- When unsure, at all times name the official hotline of your software program supplier, telecommunications service supplier or authorities company to confirm whether or not the data you might have obtained is shipped by the organisation and if the transaction includes authentication utilizing Singpass.
- When logging right into a digital service along with your Singpass app, make sure that the area URL displayed in your Singpass app’s consent web page matches that in your browser earlier than continuing. If not, don’t faucet on the “Log In” button on the consent display screen.
- Never enable others to watch you enter your private particulars, financial institution login particulars, or Singpass ID, passwords and Two-Factor Authentication (2FA) particulars equivalent to SMS OTP and Singpass passcode.
- Report any fraudulent exercise in your checking account to your financial institution instantly.
Those with info on such scams can name the police hotline at 1800-255-0000 or submit a report on-line. Those who require pressing police help can dial 999.
Those encountering scammers impersonating CSA officers can report the incident to the company. All info can be stored strictly confidential.
Source : channelnewsasia.com