A 58-year-old woman lost over $44,000 after falling victim to a malware scam.
Yes, the malware scam has struck again, and it doesn’t seem to be going away anytime soon.
Here’s a breakdown of how the scam happened so you know how to avoid such scams.
Woman Loses Over $44,000 After Falling Victim to Malware Scam
58-year-old Jacqueline Khoo only wanted to order grouper fillets online for $10 but ended up paying over $44,000.
On 25 August, Ms Khoo saw a Facebook advertisement for “boneless grouper fish fillets” from a seafood supplier called “Fresh Market TGS”.
I mean, the seafood supplier “sold” the grouper fillets for merely $10—you can understand why Ms Khoo was tempted. To sweeten the deal, the grouper fillet came with free shipping.
Wah, shiok (for now, at least).
Anyway, Ms Khoo, having bought fish and pork from other online platforms before, wasn’t suspicious about the Facebook advertisement at all. She clicked on the ad and was subsequently contacted by the seller via WhatsApp.
Bad move.
The seller instructed her to install a third-party app called Grab&Go on her phone so that her grouper fillet order could be placed successfully.
Ms Khoo went ahead with her grouper fillet order after realising that the third-party app did not require her to enter any bank details. She only had to enter her name, address, and mobile number on the third-party app to check out her order.
And this, ladies and gentlemen, is our first lesson of the day—just because an app doesn’t require you to key in your bank details, it doesn’t mean those behind the app can’t obtain it eventually.
The app was already laced with malware; installing it on your phone was sufficient for the malware to work its “magic” on your phone and retrieve the details saved on your phone—including your bank details.
Anyway, Ms Khoo would gradually start to realise that the app was a little sus a few hours later. At 8 pm that night, her phone suddenly heated up, and she was greeted with the “blank screen of death”. Her phone also restarted twice on its own.
At this juncture, she decided to uninstall the third-party app and charge her phone, speculating that perhaps her phone was just low on battery.
Lo and behold, two days later, when she checked her bank account to see if she had received her salary, a surprise was sprung on her—one that she should have foreseen given how sus the Facebook advertisement and the third-party app were.
She only had a few dollars left in her bank accounts.
Scammers Withdrew Over $32,000 & Spent $12,000
As it turns out, the scammers behind the malware scam had raised her transaction limit from $25,000 to $55,000 and subsequently withdrew $32,287 from her three POSB savings accounts.
The sum ended up in a Hong Leong Bank account.
That’s not all. The scammers also spent $12,000 on two of her POSB credit card accounts, putting her $12,000 in debt.
That brings her total losses to over $44,000.
But perhaps the worst thing of all was that, throughout the entire process, she never once received any one-time passwords (OTPs) via SMS verifying the unauthorised transactions.
The scammers took her money, all while staying under the radar.
The bookstore merchandiser, a mother of two daughters, shared that the $12,000 was meant to fund her 16-year-old daughter’s school fees and insurance.
It doesn’t help that her 16-year-old daughter’s insurance policy expires soon.
“Everything’s gone. I can’t sleep and can’t eat,” Ms Khoo added.
Scam Victim Lodged Police Reoprt; Sought Help from MP to Write to POSB and MAS
With nowhere else to turn to, Ms Khoo decided to do what every Singaporean always thinks to do: file a police report and ask a Member of Parliament (MP) for help.
Ms Khoo lodged a police report on 28 August. Investigations are currently ongoing.
The 58-year-old also sought Marsiling-Yew Tee Group Representation Constituency (GRC) MP Lawrence Wong’s help in writing to POSB and the Monetary Authority of Singapore (MAS).
She hopes that POSB and MAS will respond to her appeals to waive the $44,000 taken from her credit card and savings accounts.
Ms Khoo is far from the first to fall victim to such a malware scam in the past month.
Earlier this month, we saw a 51-year-old woman lose over $76,000 to the same type of scam. She was enticed by a Facebook advertisement selling bunny-shaped snow-skin mooncakes.
The mooncakes were only supposed to cost $29.90. It ended up costing her thousands.
Another man lost $60K after falling victim to a similar malware scam, but this time over a Facebook advertisement selling Asahi beer.
With how common these scams remain despite the recent spotlight on them, it seems like there might be more in play rather than a mere lack of scam awareness.
These malware scams are simply becoming even more sophisticated than ever.
The devil works hard, but these scammers work harder, constantly improving their scam tactics to lure victims even deeper into the dark.
These malware scammers have recently started to perform factory resets of victims’ phones so that victims cannot stop the fund transfers in time.
This could explain why, in the present case, Ms Khoo found her phone restarting twice. Presumably, these malware scammers were performing factory resets on her phone to buy more time for themselves to “earn” their money.
So, what can you do to avoid falling victim to such scams? As a starter, you should read up more on such scam cases, which you can find on ScamAlert’s website. This helps you understand how these scams are being carried out and how they’ve been modified as days pass, allowing you to spot signs of such scams.
And you know what? Perhaps stop buying things from Facebook advertisements lah.
You can watch this video to learn more about how malware scams operate: