In recent years, scams have seemingly ‘infiltrated’ most online domains. Carousell, a Singaporean online marketplace, is no exception.
Of late, some Carousell users have been encountering a scam that tricks victims into keying in their credit card information and one-time passwords (OTP) through a suspicious payment link.
Blogger Mrbrown recounted his friend’s experience with such a scam. Thankfully, she was swift with her preventive actions and did not end up losing any money.
Nonetheless, he urged users to be vigilant and not fall victim to such scams.
According to Mrbrown’s post, his friend instantly received an offer after she listed an item on Carousell.
Soon after accepting it, she received a WhatsApp message containing a “personalised link” that was apparently valid for only 30 minutes.
Upon clicking on the link, the user was brought to a website which instructed her to key in her credit card number.
Sensing something amiss, she relayed the instruction to the ‘buyer’, and asked if it was “correct”.
In response, the ‘buyer’ allegedly replied, “Yes, this is how you’ll receive the payment.”
The Carousell user then proceeded to key in her credit card details. She subsequently received a one-time password (OTP) from the bank.
Coincidentally, the ‘buyer’ requested the OTP. It was at this point that she realised that it was a scam and immediately called her bank to cancel her credit card and freeze her account.
Thankfully, no funds were lost in the process.
Turns out, Mrbrown’s friend isn’t the only person to have experienced such a scam.
This Redditor, too, fell for a similar scam but claimed he was lucky as he didn’t have much money inside his account.
What was perhaps more worrying was the bank staff’s guess about him falling for the scam even without him saying anything — perhaps an indication of how widespread the scam is.
In fact, the police issued an advisory earlier this month about “phishing scams involving fake buyers on Carousell”.
According to the advisory, at least 352 victims have fallen for such scams since Nov 2022, with losses amounting to at least S$335,000.
The police urged users to be vigilant and to take note of the following measures:
Users should also note that Carousell does not send links via SMS. The only exception to this is OTPs, which should only be keyed into the Carousell application.
The full advisory can be found here.
If you know anyone who’s an active seller on Carousell, be sure to share this with them so they know what to look out for. MS News has reached out to Carousell for comments and will update the article accordingly when they get back.
Have news you must share? Get in touch with us via email at news@mustsharenews.com.
Featured image adapted from EDB Singapore.
The 69-year-old was reportedly upset over his neighbour's refusal to apologise.
False claims include that GCB transactions occur without government checks on beneficial owners' identities.
The suspect casually watched as the woman became consumed by flames.
The thief left the wallet and more than RM200 behind, presumably to mislead the 72-year-old…
Such poor sportsmanship.
Earlier this year, three managers were found to have made manual updates on a customer’s…