“We will monitor the trends, we will see which trend is spiking faster than others and then we will devote resources and come up with ways to tackle those, on a daily and weekly basis,” said SAC Shee.
That was how the police caught on to malware scams when they first emerged sometime in 2022. This variant involves fraudsters infecting Android phones with malware, accessing the phones and consequently siphoning money via mobile banking apps.
At least S$34.1 million was lost to malware scammers in 2023.
“We started noticing that there are a lot of reports where the victim said that, ‘Actually I didn’t do any transfer, but I don’t know why, I discovered that money is gone from my account’,” said SAC Shee.
“We did our investigation, part of which was that we conducted some forensic examination of the victim’s phone and in some of the phones we found the malware, and that is what alerted us to the start of scammers using this as a tool.”
But scammers have managed to react just as fast, with some even wiping out phones to frustrate forensic efforts.
The Government Technology Agency (GovTech)’s principal product manager in anti-scam products, Mark Chen, described the fight against scams as an “ongoing” battle.
“It’s not one and done, you can’t develop a tool and let it run in the background. The scammers are going to react very quickly, they will have evasion techniques,” said Mr Chen.
His team builds technological solutions to disrupt scammers, as part of efforts by GovTech to support law enforcement.
Mr Chen pointed to just how speedily a scammer could hijack a phone, as an example of how they “really are levelling up a lot.”
After a user installs a malicious, malware-infected app on the phone, the user would need to enable accessibility permissions, allowing the app to access the phone remotely.
The initial reason for such a function was for people with disabilities, who needed to have an app read to them, for example.
Once enabled, the swindler will take over the phone to grant other permissions, which flash across the screen in a series of lightning-fast pop-ups.
“You can’t even see what you allowed them to do,” Mr Chen said, pointing out how scammers then use the permissions to grant them everything else they need – the ability to read SMSes, intercept calls and even obtain locations.
“It’s all instant because it’s remote already. Now they can tap on your phone as if they are you – because you gave them that permission.”