https://mothership.sg/2023/08/single-mother-malware-scam/
|
August 10, 2023, 06:12 PM
A Singaporean single mother lost S$28,000 after a hacker cleaned out S$8,000 from her bank account and took another S$20,000 from a credit line which they applied under her name without her knowledge.
The 49-year-old woman said she had downloaded malware unknowingly, which allowed the hacker full control of her phone remotely, reported Shin Min Daily News.
However, when the notification disappeared after she clicked on it, Chen suspected something might be wrong.
She checked her bank account online and found only S$4 left.
Shocked, she immediately contacted her bank to freeze her account, alerted the police, and handed her phone to the police for investigation.
Chen was also told that she had probably clicked on an advertisement accidentally while browsing through Facebook and downloaded the malware, which had an icon that looked like Google's Chrome browser, without knowing.
However, the hacker needed Chen's authorisation to control her device remotely.
To that end, the hacker tricked her into giving her authorisation by deceiving her with a notification that asked her to update the "browser".
Looking back, Chen could vaguely recall that she had once received a notification on her phone which stated that her Chrome-resembling app would require an update.
At that time, she didn't think too much of it and clicked on the "agree" button.
"I have multiple pages of apps on my phone, so I didn't notice I have downloaded two Chrome apps," shared Chen, who wants to caution others to check their phones.
After taking control of her phone, the hacker logged into her bank account on Jul. 15, 2023, and added a new recipient before making five transfers on Jul. 18.
The hacker also utilised a S$20,000 credit line they applied under Chen's name without her knowledge.
While making the transfers, the hacker simultaneously deleted all the messages in Chen's phone from her bank that notified her of the transactions.
As a result, Chen was only able to notice the unauthorised transfers four hours after the hacker began making the transfers, according to her bank.
After the money was transferred to the company, it was converted into stablecoin before it was transferred to a third-party recipient, the police told Chen.
They also told her she was unlikely to get her money back.
She would also need to pay another S$700, which includes interest and administration fees.
If she fails to repay the bank, her credit rating will suffer.
Chen told Shin Min that while she understood she had given her "permission" for the S$8,000 transfer, she had never applied for the credit line, and she didn't understand why the bank would approve a credit line application of such a high amount.
She also revealed that she had recently separated from her husband and is currently taking care of her two daughters, aged seven and 10, respectively, alone.
As she needed to work, she said she had to hire a domestic helper for S$700 monthly to take care of her daughters.
On Aug. 6, she also received an update from her bank, who informed her that the bank would review her case.
Chen hopes the bank could waive the S$20,000 debt out of goodwill.
She also said she would be more careful in the future and caution others to pay more attention to the apps they download.
Top image via Shin Min Daily News
S'porean single mother, 49, unknowingly downloads Chrome-resembling malware, loses S$28,000
The hackers controlled her phone and left her with only S$4 in her bank account.
Winnie Li
|
A Singaporean single mother lost S$28,000 after a hacker cleaned out S$8,000 from her bank account and took another S$20,000 from a credit line which they applied under her name without her knowledge.
The 49-year-old woman said she had downloaded malware unknowingly, which allowed the hacker full control of her phone remotely, reported Shin Min Daily News.
How the unauthorised transfer was discovered
The single mother, surnamed Chen (transliteration from Mandarin), told Shin Minreporters that she received a notification on her phone at around 6pm on Jul. 18, 2023, informing her that a transfer of S$6,000 had been made.However, when the notification disappeared after she clicked on it, Chen suspected something might be wrong.
She checked her bank account online and found only S$4 left.
Shocked, she immediately contacted her bank to freeze her account, alerted the police, and handed her phone to the police for investigation.
Police findings
Chen said the investigating officer told her the hacker had likely hacked Chen's phone through malware and transferred the money from her account.Chen was also told that she had probably clicked on an advertisement accidentally while browsing through Facebook and downloaded the malware, which had an icon that looked like Google's Chrome browser, without knowing.
However, the hacker needed Chen's authorisation to control her device remotely.
To that end, the hacker tricked her into giving her authorisation by deceiving her with a notification that asked her to update the "browser".
Looking back, Chen could vaguely recall that she had once received a notification on her phone which stated that her Chrome-resembling app would require an update.
At that time, she didn't think too much of it and clicked on the "agree" button.
"I have multiple pages of apps on my phone, so I didn't notice I have downloaded two Chrome apps," shared Chen, who wants to caution others to check their phones.
Hacker deleted notification messages from bank
The investigation officer further explained to Chen that after the hacker received her authorisation, they could control Chen's phone remotely by downloading TeamViewer, a remote access and control software, onto her phone.After taking control of her phone, the hacker logged into her bank account on Jul. 15, 2023, and added a new recipient before making five transfers on Jul. 18.
The hacker also utilised a S$20,000 credit line they applied under Chen's name without her knowledge.
While making the transfers, the hacker simultaneously deleted all the messages in Chen's phone from her bank that notified her of the transactions.
As a result, Chen was only able to notice the unauthorised transfers four hours after the hacker began making the transfers, according to her bank.
Money transferred to a cryptocurrency company
Chen also discovered her monies were transferred to a cryptocurrency company.After the money was transferred to the company, it was converted into stablecoin before it was transferred to a third-party recipient, the police told Chen.
They also told her she was unlikely to get her money back.
Bank initially asked Chen to pay back S$20,000
Although Chen had explained to her bank about her situation, it insisted that she pay back the S$20,000 withdrawn under her credit line.She would also need to pay another S$700, which includes interest and administration fees.
If she fails to repay the bank, her credit rating will suffer.
Chen told Shin Min that while she understood she had given her "permission" for the S$8,000 transfer, she had never applied for the credit line, and she didn't understand why the bank would approve a credit line application of such a high amount.
She also revealed that she had recently separated from her husband and is currently taking care of her two daughters, aged seven and 10, respectively, alone.
As she needed to work, she said she had to hire a domestic helper for S$700 monthly to take care of her daughters.
Bank currently reviewing Chen's case
Chen said she contacted her Member of Parliament (MP) and the Financial Industry Disputes Resolution Centre for help.On Aug. 6, she also received an update from her bank, who informed her that the bank would review her case.
Chen hopes the bank could waive the S$20,000 debt out of goodwill.
She also said she would be more careful in the future and caution others to pay more attention to the apps they download.
Top image via Shin Min Daily News
