New scam targets delivery personnel from parcel and food delivery companies

SINGAPORE – Police have uncovered a new scam in which delivery personnel from parcel and food delivery companies are the targets.

Under this scam variant, the victims would first receive a cash-on-delivery order via their company’s delivery application, the police said in a statement on Tuesday (April 13).

On the pretext of making payment for the delivery, the scammer would then request for the victims’ mobile phone number via the app, claiming that it was for the purpose of transferring funds to the victim via PayLah!.

The victims would then receive a One-Time Password (OTP) and be prompted to login to their PayLah! account and key in the OTP in order to receive delivery payments.

Shortly thereafter, the victims would receive a notification that their PayLah! account had been linked to a Google Pay account.

Upon reaching the location for delivery, the victims would find no one there to receive the item. Subsequently there will be unknown transactions in the bank accounts of the victims.

The police advised members of the public to always confirm transactions one is making before keying in the One-Time Password.

They also advised people to inform their banks immediately if their PayLah! accounts were linked to other accounts without their authorisation, and to report any fraudulent transactions to the bank immediately.

In a separate statement on Tuesday (April 13), the police also noted an increase in non-banking related phishing scams involving spoofed e-mails and text messages related to parcel delivery.

Victims of such phishing scams would receive spoofed e-mails or text messages purportedly sent from a delivery company such as SingPost or DHL.

These phishing e-mails and text messages would usually prompt the victims to check the status of their parcel delivery by clicking on the URL link included in the e-mails and text messages.

Upon clicking the URL links, victims would be redirected to fraudulent websites where they would be required to provide their credit or debit card details and One-Time Password.

In some cases, the victims would receive a notification that their credit or debit cards had been linked to an Apple Pay account.

Most of the victims only realised that they have been scammed when they discovered unauthorised transactions were made using their credit or debit cards, said the police.

The police urged members of the public not to click on URL links provided in unsolicited e-mails and text messages, and always verify the authenticity of information received with the official website or sources.

More on this topic

They also advised people to contact their card issuing bank immediately if they received a One-Time Password and did not make any online transactions, and to always verify the merchant details indicated in the One-Time Password text message or notification before providing it

The police said not to key or input the One-Time Password on the payment page if not making the transaction, and never to disclose personal or Internet banking details and One-Time Passwords to anyone.

If members of the public have information related to these scams or are in doubt, they can call the police hotline at 1800-255-0000, or submit info online at the Singapore Police Force’s website.

For more information on scams, members of the public can visit Scam Alert’s website or call the Anti-Scam Hotline at 1800-722-6688.

More on this topic

Join ST’s Telegram channel here and get the latest breaking news delivered to you.

Source: Read Full Article