Here’s a nugget of wisdom for you: if something smells fishy, it probably is. Especially if you’re at that golden age where you can finally dip into your Central Provident Fund (CPF) funds, you’ve just painted a big, fat target on your back for scammers.
Don’t believe me? Just ask Mr Hong.
Mr Hong’s Knee-Jerk Reaction
After going under the knife for a knee replacement surgery, 62-year-old engineer, Mr Hong, decided to kick back and recover at home. On 31 May, he was scrolling through Facebook (yes, that ancient social media platform that your parents still use while you use Threads) when he stumbled upon an ad for seafood.
Now, the prices weren’t exactly a steal, but hey, who can resist the allure of convenience? So, he clicked on it, ready to reel in some fresh catch. Little did he know, this seemingly innocent click would lead to a whopping $40,000 disappearing from his CPF account. Talk about a costly catch.
Hook, Line, and Sinker
Mr Hong thought online seafood shopping was a nifty alternative to trudging to the wet market, especially given his post-surgery condition. He had seen such ads before, and with prices that didn’t raise any eyebrows, he didn’t smell anything fishy.
But here’s where things started to get a bit murky. After clicking the ad, he was redirected to a webpage where he couldn’t place an order directly. So, he did what any tech-savvy uncle would do – he found two WhatsApp numbers in the comments and tried to hook the seller directly.
A Friendly Fishmonger?
The seller seemed like a friendly chap, offering cash on delivery and direct home delivery. “They said it could be cash on delivery, delivered directly to my house. I thought it was very convenient. The seller was also very friendly. Anyone would let their guard down,” he claimed.
But as it turns out, not only did he not get his seafood, but he also ended up losing all his CPF funds.
His regular and special account balances, amounting to over $40,000, vanished faster than a prawn on a BBQ pit.
The Bait and Switch
So, how did this happen?
(Asking for a 29-year-old friend who’s looking to withdraw his CPF funds)
Well, following the seller’s instructions, he had clicked a link for an “order form,” which caused an app-like entity to appear on his phone. He noticed a loading circle on his screen as if the application was searching for something.
Little did he know, that could be when the malicious application was downloaded and installed on his phone.
Despite this unusual occurrence, he didn’t think much of it and continued following the seller’s instructions. However, despite his efforts, he couldn’t locate the product page. The seller then suggested they could help with the order, asking him to confirm with a $5 payment via PayNow, and then send a screenshot of the payment.
This was the moment when Mr Hong logged in to his bank account, which was likely tracked by the malicious app running in the background.
The seller claimed they would send an order number to Mr Hong, but he never received it. The seller reassured him that it was not a problem since they had received his $5 confirmation fee and promised that the goods would be delivered.
But as we all know, the scammer had already caught the big fish: his login details, his phone and his CPF funds.
The real shocker came the following morning. Between 1:30am and 4:30am, there were more than ten transactions, each under $5,000, from his DBS Bank account.
When he checked with the bank, he found a remaining balance of about $10,000, which oddly didn’t seem to have decreased. He asked the bank to freeze his account and reported to the police based on the bank’s advice.
The police investigation revealed that someone had transferred over $40,000 from his provident fund account to his bank account and then withdrawn it. Unlike typical fraud cases, the scammer did not ask for any login information or passwords.
However, Mr Hong had all his passwords and login details stored on his phone. So, the moral of the story?
Be careful where you cast your net, especially when you’re fishing for deals online. Threads carefully on Facebook.