Carousell phishing scams surge in December with S$836,000 lost compared to S$938,000 in first 11 months: Police

SINGAPORE — At least 877 people have fallen prey to scams on e-marketplace Carousell since the start of December, with total losses amounting to at least S$836,000 so far. This came close to the S$938,000 lost from January to November that involved at least 975 victims, the police said.

This was despite a warning earlier this month by the police to be on guard for such scams.

In their latest advisory to the public on Wednesday (Dec 28), the police said that they have observed “a sharp increase in the number of a phishing scam variant involving fake buyers on Carousell”.

The culprits would pose as buyers on Carousell expressing interest in items that the victims had listed on the site.

After agreeing to the sale of the items, the culprit would ask for the victim’s contact details to facilitate payment or delivery of the items.

Depending on the details given, the victims would then receive an email, SMS on the phone or a message on messaging application WhatsApp containing “dubious” website links or QR (quick response) code, the police said.

Examples of such links may be “cutt.ly/31uXCDu” or “carousell.quick-funds.in/266780736”.

However, only domains that end with “carousell.com” or “carousell.sg” are genuine Carousell domains.

Once the victims have clicked on the given links or scanned the QR code, they would be redirected to a spoofed website to key in their internet banking login credentials, bank card details or a one-time password (OTP).

The victims would realise that they had been cheated when they discovered unauthorised transactions made from either their bank accounts or cards.

The police are again warning users who trade on Carousell to be wary of buyers asking for an email address or phone number on the pretext that these details are needed for the buyer to make an order through the platform's payment solution Carousell Protection.

“Carousell does not ask for payment, order confirmation, or card details via external sites or email,” the police said.

Users should never disclose their personal or internet banking details and OTP to anyone either.

They should always verify the buyer’s profile on online marketplaces by checking the account's verification status, creation date, reviews and ratings.

“Report any suspicious user and fraudulent transaction from the online marketplace to the e-commerce platform,” the police said.

Members of the public may visit www.scamalert.sg or call the Anti-Scam Hotline at 1800-722-6688 for more information on scams.

Anyone with information about scams may contact the police at 1800-255-0000 or submit information online to www.police.gov.sg/iwitness.