Singapore hit by growing cybercrimes, clocks $501M in losses from scams

Singapore still is seeing more cases of online crimes, with phishing and e-commerce scams amongst the top five most common tactics used. 

The country saw a 25.2% climb in scams and cybercrimes last year, hitting 33,669 in reported cases, up from 26,886 in 2021. Scams accounted for the bulk, cheating victims of SG$660.7 million ($501.9 million), a 4.5% increase from SG$632 million in 2021, according to the latest figures from the Singapore Police Force (SPF). 

Phishing, e-commerce, and investment scams were amongst the top five most common tactics used against victims, making up 82.5% of the top 10 types of scams last year. Phishing cases topped the list, with 7,097 reported cases in 2022, up 41.3% from 2021. 

In such incidents, scammers typically used email and text messages or phone calls to hoodwink their targets, during which they would impersonate officiates or trusted entities to persuade victims to divulge their personal details, such as credit card or bank account information. Scammers then would use the data to carry out unauthorised transactions. 

Messaging, social media, and online shopping platforms were the most popular channels scammers used to contact their victims. WhatsApp alone was tapped for 56% of scam cases in which scammers used messaging platforms, while 36.1% opted for Telegram. 

As for social media, Facebook was the most commonly used by scammers, accounting for 59.6% of incidents last year. Another 34.2% chose Instagram. 

With more consumers now spending online, it should come as no surprise that e-commerce scams saw a spike of 74.5% last year, where losses climbed a whopping 261% to SG$21.3 million. Such scams typically saw victims not receiving their goods and services after payments were made. 

Popular online marketplace Carousell accounted for 89% of e-commerce scam cases. 

According to the SPF, young adults were the most likely scam victims, with those aged 20 to 29 and 30 to 39 making up 26.7% and 26.8% of all victims, respectively. Scammers typically turned to social media, messaging, and online shopping platforms as modes of contact, where the majority of victims in these age groups falling prey to job and phishing scams. 

To better combat growing cases, Singapore last March set up the Anti-Scam Command (ASC) to unify key resources into a central unit, including scam investigation, incident response, intervention, and enforcement. It comprises the anti-scam centre and various investigative and enforcement branches within the Police. 

Last year, the ASC conducted more than 11,100 interventions, during which targeted victims were alerted to the scams. the SPF said. In May 2022, the ASC also worked with local bank DBS to recover $11.5 million, marking the largest amount recovered in a single scam. Victims in the incident were involved in a business email compromise, in which scammers claimed to be the victims' clients. Victims were tricked into making transactions totalling $15.5 million to DBS accounts.

Local mobile carriers also were roped in to stem scam cases, shutting down mobile lines the ASC had identified as those used by scammers. More than 6,500 mobile lines were terminated last year and more than 22,800 WhatsApp numbers were believed to be used for scams, according to SPF.

It added that the ASC worked with social media and e-commerce platform operators to remove suspicious accounts and advertisements. 

Singapore this month began tagging SMS messages from organisations not registered with the local ID registry as spam. The move was the latest in ramped up efforts to combat online scams, with further measures being explored such as giving mobile users the option not to receive international SMS messages or calls.

The government over the past year had urged the need for shared responsibility in preventing online scams, following a massive phishing scam involving OCBC Bank customers that resulted in losses totalling SG$13.7 million ($10.18 million). Several measures also were introduced to beef up local banking and communications infrastructures, including a "kill switch" banks must provide to enable customers to suspend their accounts in a suspected breach.

RELATED COVERAGE

• Singapore to tag unregistered SMS senders as 'likely scam'
• Singapore releases blueprint to combat ransomware attacks
• Most Singapore IT leaders cannot identify fake messages, but only half concerned about phishing risks
  
• Singapore firms see 54 cybersecurity incidents daily, struggle to keep up
• Singapore urges shared responsibility in preventing online scams as it readies liability framework
• Singapore mandates 'kill switch' for banks as safeguard against online scams
• Singapore to step up security measures in aftermath of phishing scams