Another 12 people arrested for roles in bank-related malware scams targeting Android phone users

A total of 11 men and one woman, aged between 17 and 40, were arrested for their suspected involvement in the recent spate of banking-related malware scam cases. Photos: Singapore Police Force
Posted on 22 October 2023 | 1,667 views | 7 comments

A total of 11 men and one woman, aged between 17 and 40, were arrested for their suspected involvement in the recent spate of banking-related malware scam cases, following an island-wide anti-scam enforcement operation conducted between Oct 9 and 20.

Over the course of two weeks, officers from the Commercial Affairs Department and Police Intelligence Department mounted simultaneous island-wide operations and arrested the 12 people.

Preliminary investigations revealed that they had allegedly facilitated the scam cases by relinquishing their bank accounts, Internet banking credentials and/or disclosing Singpass credentials for monetary gains.

Police investigations are ongoing.

Since January, the police have received increasing number of reports of malware being used to compromise Android mobile devices, resulting in unauthorised transactions made from the victims’ bank accounts, even when they had not divulged their Internet banking credentials, one-time passwords (OTPs) or Singpass credentials to anyone.

In these cases, the victims responded to advertisements on social media platforms such as Facebook. They were then instructed by the scammers to download Android Package Kit (APK) from non-official app stores to facilitate the purchase, which led to malware being installed on their mobile devices.

Subsequently, the scammers convinced the victims via phone calls or text messages to turn on accessibility services on their Android phones. This weakened the phones’ security, allowing scammers to take full control of the victims’ phones.

As a result, the scammers could log every keystroke, steal banking credentials stored on the phones, remotely access victims’ banking apps, add money mules as payees, raise payment limits and transfer money to money mules. The scammers could further delete SMSes and email notifications of the bank transactions to cover their tracks.

The offence of acquiring benefits from criminal conduct carries an imprisonment of up to 10 years, a fine of up to $500,000, or both.

The offence of cheating carries an imprisonment term of up to three years, or with a fine, or both, while the offence under the Computer Misuse Act carries a fine of up to $5,000, or an imprisonment term of up to two years, or both.

For disclosing their Singpass credentials, they are liable to an imprisonment term not exceeding three years, a fine of up to $10,000, or both.

Get more of Stomp's latest updates by following us on Facebook, WhatsApp, Twitter, Instagram and YouTube.

Related Stories
Fourteen men and two women, aged between 17 and 47, and two 16-year-old male teenagers have been arrested for their suspected involvement in the recent spate of banking-related malware scam cases. Photo: Singapore Police Force
Two 16-year-old boys among 18 arrested for roles in Android malware scams in latest police raids
Ten people, aged between 17 and 60, were arrested for their suspected involvement in various scams, said the police on Wednesday (Oct 4).
10 arrested for allegedly letting scammers use their bank accounts for up to $600 per account
PHOTO: SPF
12 men arrested for series of banking-related malware cases: $13k cash, drugs, knife seized
More About: 
police
raids
arrested
Scams
Android