From getting swindled by shady online businesses to picking up legit-looking phone calls with the +65 prefix, it’s tough to keep track of all the emerging scams these days – even with PSAs on the news and social media. Scams can vary across avenues, from fake online shopping payment forms to voice phishing, so it’s good to always have our guard up.
Here are 7 lesser-known credit card and online shopping scams you can take note of and start blasting in your WhatsApp family chats, to save your trusting folks from being scammed:
Image credit: Unsplash
Scammers are getting more creative these days, tapping into technological advancements that the average person wouldn’t even know exists. This scam involves a random card number generator which fraudsters use to generate endless card numbers, of which some will eventually be valid.
Scammers will test the generated numbers by guessing the month and year combination of your credit card expiry date, using small transaction amounts.
Once they’ve hit the jackpot with the correct expiry date corresponding with the credit card number, they will use your card to commit larger-scale fraud for as long as the unauthorised transactions go undetected. By the time you realise you’ve been scammed – be it through your monthly credit card bill or through your bank statement – it would’ve been too late.
Tips:
Card skimming IRL through ATM machines and physical payment terminals is pretty well-known. What you may not know is that it can occur digitally via online shopping platforms as well, through websites that are infected with skimmers which collect card numbers.
Especially in the current era where we shop online so often, it’s important to keep our eyes peeled for such a sneaky scam.
An example is how online skimmers can inject fake web forms disguised to look like legit payment forms from companies like PayPal, in order to steal customer payment data and use it for fraudulent purposes.
Example of a fake Paypal form.
Image credit: Formpro
Tips:
Phishing is a type of cyber attack used to steal sensitive information such as credit or debit card details. This malicious crime can come in various forms including emails, SMSes, DMs on social media, or phone calls.
Although we may be on high alert with the rising number of scams, sometimes we may not even realise that we’re falling for this fishy scam because of how “legit” things can be, especially when scammers mask themselves as officials.
In a 2019 case of vishing, scammers called victims pretending to be Apple tech support, scaring them into thinking their devices were at risk of getting hacked lest they surrender their details.
Image credit: Apple
Since this January, at least 280 victims have reportedly lost more than $1.2 million to scammers impersonating figures of authority over the phone – that’s even more than that recently-sold Yishun jumbo flat. This is known as vishing, AKA voice phishing. Scammers take on a fake identity to try and trick you into providing your credit card details, which they will then use for fraudulent transactions.
Fake number posing as MOH.
Image credit: Joycelyn Yeow
Other more recent examples include victims receiving phone calls from unknown numbers with the +65 prefix. Scammers may even impersonate staff from government bodies such as the Ministry of Health (MOH) and resort to caller ID spoofing – manipulating their caller ID such that the call appears to be coming from a local or well-known phone number.
Tips:
This kind of card misuse is done by someone known to the cardholder, such as a family member or friend who happens to know your credit or debit card details.
Apart from making one-off purchases which might alert you via OTP authorisation prompts, the card details can be used for recurring scheduled payments such as topping up digital wallets like EZ-Link or Grab. As these are legit transactions, you might not even realise that your credit card details are being exploited.
Just last month, it was reported that a dad was thrust with a $20,000 credit card bill after his daughter went on a 6-week in-game spending spree on Genshin Impact, unnoticed by her poor dad as he did not receive any payment authorisation alerts.
Another report stated that a former Miss Universe contestant memorised her friends’ card details when their cards were left unattended. Indeed, you can never be too safe!
Especially useful features include temporarily locking cards you do not use, and disabling online transactions.
Image adapted from: DBS
Tips:
Also known as Radio Frequency Identification (RFID) theft, wireless identity theft involves compromising an individual’s personal identification information using wireless mechanics. A common type of RFID theft is the diversion of SMS one-time passwords – a tactic which has reportedly led to about $500,000 being stolen in fraudulent card payments.
Image credit: Singapore Police Force
A more recent SMS-phishing scam involved fake SMSes appearing in the same thread as legit text messages previously sent by banks for OTPs and transaction alerts. Scammers are able to abuse software to manipulate their sender IDs to be identical to that of the bank, thus causing their SMS to appear in the same message thread.
These messages claimed that there were issues with the customer’s bank account, instructing them to click on a link which led them to a website requesting for their banking details. It’s hard to spot phishing links in these SMSes as they are often shortened to disguise the actual URLs. And to be fair, not many of us have the time and care to zone in on such minute details.
Tips:
It’s easy to fall prey to Internet merchandise scams because, well, some are really too good to pass up.
Being tempted by what seems like a good deal, customers transfer payment to the “seller” who promises delivery of the item. Sometimes, “sellers” make their deal extra attractive by stating that only the shipping fee has to be paid for. In other cases, they demand payment for delivery charges after the first payment is made. Ultimately, customers won’t receive the item.
Image credit: Joycelyn Yeow
Another similar scam is the cash-on-delivery shopping scam. Imagine this: a parcel comes. Your family member helps to receive your parcel and, without QC-ing the item, pays cash to the delivery personnel who informs you that the parcel requires Cash on Delivery (COD). When you get home, you open your parcel to realise that it’s a cheap replica of what you ordered.
Many of these fake sellers pose as legit online sellers on popular marketplaces such as Carousell and Instagram, casting a wide net of potential victims who are eager to go on an online shopping spree.
Tips:
Just this January, it was reported that victims lost $495,000 from fake bank hotlines listed in Google search advertisements.
Image credit: Pexel
In such cases, victims wanting to seek advice from banks would search for the banks’ contact numbers. The first few search results that popped up on Google are scam advertisements’ fake contact numbers but, not thinking too much about it, they dial those numbers and unknowingly play into the scammer’s scheme of impersonating bank staff.
Fraudsters would inform victims that there are issues with their bank account, credit or debit cards or loans, then instruct them to temporarily transfer their funds to fake bank accounts. This can also occur in the form of SMS-phishing.
Image credit: DBS
Tips:
It’s better to be safe than sorry. We should always keep our eyes peeled and be on the lookout for any suspicious e-commerce scams which may disrupt our shopping spree – meant for de-stressing in the first place – and even potentially burn a hole in our e-wallet.
Besides the tips shared above, you can easily up the security of your online transactions by enabling and customising your DBS card payment control features on the DBS digibank app.
For more advice from the bank pros themselves, check out the DBS online security page initiative for more security tips to protect yourself online. It’s frequently updated to guide you on how to siam sneaky scams, even the new and emerging ones that may be lesser-known.
This post was brought to you by DBS.
Cover image adapted from Unsplash.
Just an hour away from KL!
Taichung is only an hour by High Speed Rail from Taipei or Taoyuan station.
No more stressing over what to get your loved ones for Christmas.
Gone are the days when family photoshoots used to be boring and extra formal.
Here are all the best things to do this weekend in Singapore.
Meet new-to-Singapore species as well.