At least 124 victims have lost $330,000 to social media impersonation scams since Jan 1

There has been a resurgence of social media impersonation scams involving fake campaigns, the police observed.

At least 124 victims have fallen prey to this scam variant from January 1 to July 26, with total losses amounting to at least $330,000.

The scam works in the following ways:

• Victims are approached on social media platforms such as Instagram or Facebook on the pretext of joining, or voting in fake campaigns allegedly organised by local brands (e.g. Lazada, Grab, Shopee). Unknown to the victims, these social media accounts have either been taken over by scammers or were spoofed by culprits impersonating as victims’ relatives or friends.

• The scammers would then ask victims for their phone numbers and/or OneTime Passwords (OTPs) sent out from various platforms (e.g. Microsoft, Grab, Google) in order to receive gift vouchers or monies “won” from the “campaign”.

• The OTPs provided by the victims would be abused by the scammers to approve transactions from the victims’ linked bank accounts/cards to ewallets (e.g. Grab Activation Code). Victims may also lose access to their Instagram/Facebook accounts after giving away OTPs that were meant to reset their account passwords. iv. In some variants, victims may lose access to their Instagram/Facebook accounts after clicking on links that were meant to reset their account passwords or to change the email addresses linked to their accounts.

Apart from requests for phone numbers and OTPs, victims may be asked for their debit/credit card details, internet banking credentials and/or OTPs on the pretext of receiving gift vouchers or monies 'won' from the 'campaign'.

They would receive a link leading them to a website fraudulently bearing the DBS logo which would be used to phish for their banking credentials.

Victims would later discover unauthorised transactions made to their banking accounts and/or unauthorised charges made to their handphone bills.

Members of the public are advised to adopt the following precautionary measures:

1. ADD - ScamShield App and set security features (e.g., enable two-factor (2FA) or multifactor authentication for banks, social media, Singpass accounts; set transaction limits on internet banking transactions, including PayNow/PayLah).

2. CHECK - for scam signs with official sources (e.g., visit www.scamalert.sg, call the Anti-Scam Helpline at 1800-722-6688 or check with the platforms on the authenticity of the campaigns). Be wary of unexpected requests or offers from social media contacts, especially those related to campaigns or contests. Never disclose your personal details, banking credentials and OTPs to anyone.

3. TELL - authorities, family, and friends about scams. Report any fraudulent transactions to your bank and telecommunications company immediately. If your social media account has been compromised, report this to the platform and inform your friends so that they do not fall prey to scammers who may use your social media account to impersonate you.

If you have any information relating to such crimes or if you are in doubt, call the police hotline at 1800-255-0000 or submit it online at www.police.gov.sg/iwitness. All information will be kept strictly confidential. If you require urgent police assistance, dial '999'.

For more information on scams, members of the public can visit www.scamalert.sg or call the Anti-Scam Helpline at 1800-722-6688.