SINGAPORE – The web site appears reputable – it appears to be like like the location of postal companies firm Singapore Put up. It even shows a rip-off alert that reads: “Phishing web sites impersonating SingPost are utilizing pretend supply notices and textual content messages to extract private knowledge.”
In actuality, this website is itself a rip-off website phishing for victims’ particulars. This was amongst three varieties of phishing scams by fraudsters masquerading as SingPost uncovered by cyber-security agency Group-IB.
In response to knowledge launched by the police final month, victims misplaced a whopping $15.3 million final yr from phishing scams not associated to banks, an over 15-fold spike from 2020’s $984,000.
Of those non-bank associated phishing scams, one outstanding sort concerned crooks posing as supply firms reminiscent of SingPost.
Group-IB mentioned on Monday (March 28) that the three rip-off varieties use pretend SMSes and websites that seem to belong to SingPost. It’s unclear the place the scammers are from. Listed below are extra particulars about these scams.
Q. How do the pretend SMSes attempt to move off as SingPost texts?
A: The SMS sender names utilized by the fraudsters for the pretend texts included “information”, “msginfo”, “SMSinfo” and “AUTHMSG”. However some used extra genuine-looking names reminiscent of “SingPost” and “SGPOST”.
The bogus texts appear like supply notices encouraging victims to click on a shortened URL resulting in a pretend SingPost website. For example, the SMSes cite a supply drawback that must be resolved on the URL supplied, or name-drop SingPost and say items have to be signed.
Q. How do the pretend SingPost websites trick victims?
A: The three scams have some variations of their ways. Within the first SMS rip-off sort – dubbed Group 1 – after the sufferer is tricked into clicking the hyperlink in a pretend supply discover SMS, they’re directed to a pretend SingPost website that asks them to go away a telephone quantity and pay a small payment to obtain a supply.
The pretend website tries to look extra reputable by having a rip-off alert warning the sufferer about phishing websites impersonating SingPost.
“The rip-off alerts on the rogue web sites are one thing that we have been seeing for some time all around the world,” mentioned Mr Ilia Rozhnov, Group-IB’s head of the digital danger safety staff within the Asia-Pacific. “In Singapore, we detected this tactic for the primary time in 2021. A rip-off alert itself can’t be used to confirm the legitimacy of the web site.”
The rip-off ultimately directs victims to a pretend cost website the place they’re tricked into getting into cost and private particulars. In addition they get subscribed to month-to-month funds of $40 to $60 to the fraudsters, however these transactions are likely to go unnoticed by conventional anti-fraud options.
The primary identified Group 1 rip-off websites appeared between March and April 2020. On the rip-off’s peak, there have been no less than 15 pretend SingPost websites however none is lively now.
Mr Rozhnov mentioned the pretend websites don’t stay lively for lengthy, with the fraudsters transferring shortly between completely different pretend websites. Inactive websites can get reactivated later, too.