“Sharp Increase” In Phishing Scams On Singapore's Marketplace Platform Carousell
Beware, phishing scams are once again on the rise in Singapore.
The police in a public advisory on Wednesday, 28 December, said they have observed a "sharp increase" in phishing scams on Carousell since the start of December, as Today reports. No less than 877 people have already fallen victim on the e-marketplace, with total losses amounting to at least S$836,000 – a number that's not far from the S$938,000 lost from January to November that involved at least 975 victims.
According to the police, the culprits would target victims by posing as buyers on Carousell. They would first express interest in the item the victim listed on the site.
Then, they would discuss the details of the sale, asking for the victim's contact to facilitate payment or delivery of the item.
After which, they would send an email, a text or a message on applications like WhatsApp, depending on what contact information the victims shared, containing “dubious” website links or QR codes. Examples of such links reportedly include “cutt.ly/31uXCDu” or “carousell.quick-funds.in/266780736”. These links lead to spoofed websites where the victims would be asked to key in their internet banking login credentials, bank card details or a one-time password (OTP) to supposedly receive the payment for their items.
From here, the culprit already has access to the victim's bank account or card and can make unauthorised transactions using it.
The police already issued a warning early in December after they saw a surge in scams in November. They are again warning Carousell users to be wary of buyers who ask for email addresses or phone numbers on the pretext that these details are needed for the buyer to place an order through the platform's payment solution Carousell Protection.
“Carousell does not ask for payment, order confirmation, or card details via external sites or email,” the police said.
They also remind the public to be check the domains they click on. Only domains that end with “carousell.com” or “carousell.sg” are genuine.
Carousell users shouldn't disclose their personal or banking details, along with OTPs, in the first place.
“Report any suspicious user and fraudulent transaction from the online marketplace to the e-commerce platform,” the police added.
The police said they have observed a "sharp increase" in phishing scams on Carousell since the start of December.
No less than 877 people have already fallen victim on the e-marketplace, with total losses amounting to at least S$836,000 – a number that's not far from the S$938,000 lost from January to November that involved at least 975 victims.
The police already issued a warning early in December after they saw a surge in scams in November.