I
n a variation on a recently seen theme in which scammers pose as buyers on e-commerce platforms, victims in Singapore are being taken in by people offering to buy goods from them.
Carousell is a popular (and legitimate) Singapore-based consumer-to-consumer and business-to-consumer platform on which people can buy and sell both new and second-hand goods. The contact message from the scammer typically reads something like this: “I would like to pay for an item via FedEx. It’s easy. I will need your phone number to place the order, now I will send you a link to receive funds for the goods, you confirm the transaction and receive the money for the goods,” etc.
The link to “receive funds” is malicious, designed to harvest the victim’s banking credentials. The victims have been realizing something is amiss only after they find unauthorized transactions on their accounts. The Singapore Police urge anyone with information about the scam, whether they’re victims or witnesses, to call the police hotline or report what they know online. So far people have lost more than S$17,000 to the scammers.
This is a scam directed against consumers, but it’s not difficult to see how similar approaches might be made to employees of a business, especially of business-to-consumer firms whose transactions include trading over e-commerce platforms. New school security awareness training can help your employees spot scams like the ones currently taking a ride on Carousell.
The Star has the story.
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!
