SINGAPORE: The Singapore Police Force (SPF) has apprehended nine individuals, including a woman and a 16-year-old boy, in connection with an elaborate bank phishing scam.

The arrests were made as part of an island-wide anti-fraud law enforcement operation conducted by the police this week, from 19 to 23 June. Two women and a man are also currently assisting the authorities with their ongoing investigation.

The nine suspects were taken into custody following a series of reports received by the police since the end of May this year.

The victims reported that their mobile phones had been hacked, leading to unauthorized transactions in their bank accounts. Notably, the victims asserted that they had not disclosed their online banking credentials, one-time passwords, or Singpass credentials to anyone.

Preliminary findings suggest that the scammers exploited social media platforms to advertise their fraudulent scheme. Unsuspecting victims, enticed by these advertisements, proceeded to download mobile applications as instructed by the scammers.

However, the downloaded applications contained malware, which allowed the perpetrators to gain remote control over the victims’ mobile phones. Through this unauthorized access, the scammers obtained the victims’ online banking credentials, one-time passwords, and Singpass credentials.

The scam primarily targeted victims’ CPF deposits, which were subsequently transferred to unauthorized bank accounts before being further distributed to various individuals. In total, the victims suffered losses amounting to $221,000, with $114,000 of that being CPF deposits.

The police have urged the public to exercise caution when downloading applications or responding to online advertisements, emphasizing the importance of verifying the authenticity and legitimacy of such sources.

They have also advised individuals to regularly update their mobile devices’ security software and refrain from disclosing sensitive personal information to unknown or unverified sources.