Android users in Singapore have lost at least $69,000 to scams targeting seniors since April 1, according to police data released on June 18. At least eight cases have been reported where victims were tricked into downloading malware via social media advertisements, leading to unauthorized account access and financial loss.
Police report that victims of these scams often find their security applications, such as Singpass or ScamShield, uninstalled from their devices after downloading malicious Android Package Kit files.
How the scams operate
The scam sequence typically begins on social media platforms like Facebook or TikTok, where advertisements promote activities for senior citizens. Interested individuals who provide their contact details are subsequently contacted via WhatsApp, where scammers prompt them to download an Android Package Kit (APK) file.
Once the file is installed, the malware grants scammers access to the device. In one reported instance, a victim’s bank transaction limit was increased without their authorization. Following the installation, victims are contacted by individuals impersonating officials from the Ministry of Law or the police’s Anti-Scam Centre, who claim the device is compromised and demand the transfer of money or valuables to assist with “investigations.”
What happens next
If the trend of using social media to target specific demographics continues, more users could face similar financial losses unless they strictly adhere to official security protocols. It is likely that police investigations will remain ongoing for the eight reported cases, and authorities may continue to monitor for new variations of these malware-based impersonation tactics.
For those who have already interacted with suspicious files, the police advise keeping the device in flight mode to prevent further communication with the scammers. Performing a factory reset before reporting the incident to the police may hinder investigations, so users are encouraged to wait until the report is filed before clearing their device.
The reliance on social media to identify potential victims highlights a shift toward highly targeted digital exploitation. The severity of these scams stems from the attackers’ ability to remove protective software, effectively blinding the user to the unauthorized financial transactions occurring in the background.
Frequently Asked Questions
What should I do if I have downloaded a suspicious application?
The police advise users to switch on flight mode, turn off Wi-Fi, and use an anti-virus program or Google Play Protect. You should check for unauthorized transactions on your bank, Singpass, or CPF accounts using a different, secure device.
Are Singaporean officials authorized to ask for money or app installations?
No. The police emphasize that Singapore officials will never ask you to install mobile apps from unofficial stores, nor will they transfer your call to police or other government officials for the purpose of moving money or valuables.
Where should I download mobile applications?
You should only download and install applications from official stores, such as the Apple Store or the Google Play Store, and avoid all files from unfamiliar or unverified sources.
How do you verify the identity of someone claiming to be a government official when they contact you online?
