police advisory on resurgence of social media impersonation scams involving fake campaigns
the police have observed the resurgence of social media impersonation scams involving fake campaigns. from 1 january to 26 july 2023, at least 124 victims have fallen prey to this variant, with total losses amounting to at least $330,000.
the scam works in the following ways:
- victims are approached on social media platforms such as instagram or facebook on the pretext of joining, or voting in fake campaigns allegedly organised by local brands (e.g. lazada, grab, shopee). unknown to the victims, these social media accounts have either been taken over by scammers or were spoofed by culprits impersonating as victims’ relatives or friends.
- the scammers would then ask victims for their phone numbers and/or one-time passwords (otps) sent out from various platforms (e.g. microsoft, grab, google) in order to receive gift vouchers or monies “won” from the “campaign”.
- the otps provided by the victims would be abused by the scammers to approve transactions from the victims’ linked bank accounts/cards to e-wallets (e.g. grab activation code). victims may also lose access to their instagram/facebook accounts after giving away otps that were meant to reset their account passwords.
- in some variants, victims may lose access to their instagram/facebook accounts after clicking on links that were meant to reset their account passwords or to change the email addresses linked to their accounts.
apart from requests for phone numbers and otps, victims may be asked for their debit/credit card details, internet banking credentials and/or otps on the pretext of receiving gift vouchers or monies “won” from the “campaign”. victims would receive a link leading them to a website fraudulently bearing the dbs logo which would be used to phish for their banking credentials. victims would later discover unauthorised transactions made to their banking accounts and/or unauthorised charges made to their handphone bills.
the police would also like to advise members of the public to adopt the following precautionary measures:
- add – scamshield app and set security features (e.g., enable two-factor (2fa) or multifactor authentication for banks, social media, singpass accounts; set transaction limits on internet banking transactions, including paynow/paylah).
- check – for scam signs with official sources (e.g., visit , call the anti-scam helpline at 1800-722-6688 or check with the platforms on the authenticity of the campaigns). be wary of unexpected requests or offers from social media contacts, especially those related to campaigns or contests. never disclose your personal details, banking credentials and otps to anyone.
- tell – authorities, family, and friends about scams. report any fraudulent transactions to your bank and telecommunications company immediately. if your social media account has been compromised, report this to the platform and inform your friends so that they do not fall prey to scammers who may use your social media account to impersonate you.
if you have any information relating to such crimes or if you are in doubt, please call the police hotline at 1800-255-0000, or submit it online at . all information will be kept strictly confidential. if you require urgent police assistance, please dial ‘999’.
for more information on scams, members of the public can visit or call the anti-scam helpline at 1800-722-6688. fighting scams is a community effort. together, we can act against scams to safeguard our community.
annex a
example of a fake lazada campaign with phishing link provided
example of a facebook password reset code given by victim to participate in the “campaign”
example of a lazada “campaign” banner
public affairs department
singapore police force
02 august 2023 @ 3:45 pm
发表回复