Apple Gets Drawn Into Rife Singapore Card Scam

A spam-fighting mascot will not be much help as fraudsters become increasingly sophisticated. 

Whether it is phishing, spoofing, or pharming, it is increasingly clear that we are living in the age of digital fraud - and that we are nowhere near peak anything yet when it comes to it.

On the side of the underworld – deepfakes and GenAI. Fighting for the good guys? In Singapore’s case, not a great deal more than a scam-fighting mascot, something finews.asia commented in November. 

Golden Age

The way things are going right now some of us of a certain age are going to be fondly reminiscing about the innocent, good old days when someone from Nigeria claiming to be linked to the government in some kind of important way sent a very polite email wanting to transfers millions of dollar to you, just you, because you were ostensibly such a good person, or at least you were back then.

But a statement put out by the Association of Banks in Singapore on Monday shows that if you put banks on the spot, and threaten direct police intervention, as a parliament bill in the city-state did in January, they will jump into action - and go and blame someone else.

Big Tech Disgrace

In this case, it is Apple. But in their defense, Big Tech has not exactly done a great job of weeding out fraudsters. Just try posting something of any value on Facebook and see what happens. 

Half the time someone with a profile dating back to a very distant 2024 claims to be up and ready to book an SF Express van and take it off your hands, after which they will transfer the funds.

Increasingly Sophisticated

So, in that context, it is understandable what the banks are trying to do. But Monday’s statement underscores how sophisticated criminals are getting without even using deepfakes and AI.

A fake website and there we go. A quick «enter» to input your credit card details, a fraudulent third-party provision onto a mobile wallet (with ABS clearly emphasizing ApplePay first in that context), and a confusing bank SMS OTP divulged to the wrong party - and done.

Strengthened Controls

In truth, it is one of those scams that you don’t truly get until you go through with it and the money is gone. But by then it is too late. 

Given that, ABS says the major card issuing banks in Singapore have «adjusted» (strengthened, we would hope) surveillance measures in response, preventing S$53.9 million in losses in the fourth quarter of 2024 alone.

Further Steps

They are also working with the aforementioned Apple Pay, Google Pay, Samsung Pay, and card providers Visa and Mastercard to require additional verification in-app controls and digital token authentication, steps that are expected to be complete by 2025.

As part of that, the banks will proactively remove cards provisioned in mobile wallets if it looks like there is any sign of fraudulent activity.

Too Good to be True

The ABS ended its statement on an important note that is identical to that of its spam-fighting mascot.

It is «key» that the client remains vigilant and if it seems to be too good to be true, it probably is – as they can only go so far to stop bad things from happening.