Crimewatch 2023 EP5 - Identity Theft
Jake, I need to speak to you about your credit card bills. -Yes? -Have you been using them a lot lately? A bit, why? What's up? Jake! There's a bill here for... $5,213,821.99! Why would you spend $5 million on cloud computing services? I didn't. But it's on your card, your personal credit card...
I didn't buy this! If you didn't buy it, then who did? Jake, was the $5 million a company expense? Did you use your personal card for company expenses by mistake again? I would not make this mistake. We've talked about this. Angela, why would I invest this kind of money in cloud services? The whole idea behind cloud services is to reduce costs.
I want you to think of it this way. Less physical computers means less rent, less space, less electricity. Less physical computers means less maintenance, less tech support, overall reduction in staff cost. That's why I paid for cloud services.
This is ridiculous. So you think this is a fraudulent transaction? Only an idiot would spend $5million in three months! On cloud services! Call the bank and dispute the charge. And call my lawyer! Morning, sir. Morning, what do we have? We have a complex case.
Clouder? The global cloud computing services company? Yes. They submitted a police report. What are the facts? They have a client, Jake Collins. Isn't he the President of World e-Sport Entertainment? Yes. Their latest game had over a million downloads within a week. I guess I'm one of the million who downloaded it. So what happened? Clouder was contacted by Jake Collins' lawyer. His client denies making a purchase of US$5 million worth of cloud computing services.
What was Jake's contention? He claimed that he couldn't have made the transactions because he didn't even sign up for a Clouder account in the first place. I assume Clouder has already conducted an internal investigation? Yes. They found that someone impersonated Jake Collins and created an account. -How? -By using Jake's credit card. -So how long did this go on for? -Three months.
The imposter kept emailing Clouder to defer payment. But finally, the bill got too large and Clouder charged US$5 million to Jake's credit card. And that's when the house of cards collapsed. Exactly. But Jake Collins is a tech guy. A guru, even. Wouldn't he have enabled Two-Factor Authentication on his credit card? Salim is right.
Jake should have gotten a One-Time Password notification from the bank for credit card usage. That's the thing. When Jake called his bank, he found that his preferred Two-Factor Authentication method had been changed without his knowledge. How did that happen? The bank couldn't tell.
All they know is that the imposter had changed Jake's One-Time Password notification from phone to email. So? As long as the impostor doesn't have access to Jake's email, he wouldn't know the One-Time Password, and without the One-Time Password, the transaction would have been blocked. Unless the imposter hacked into Jake's email? No. The imposter created a fake email address.
Then he changed Jake's genuine email address to that fake email address. Close enough if you don't look too carefully. So the One-Time Password was sent to the imposter's fake email address. Yes. This same fake email address was also used to sign up for a Clouder account under Jake's name.
But the question still has to be raised, shouldn't the bank have notified Jake of the request to change his email address? The bank said they did, but Jake didn't notice it. Jake, we need to beef up our cybersecurity. There have been several hacking attempts lately.
We have to protect our customers' data. It's vital to the credibility of the company. I agree 100%. Did you go through the proposals? No, you didn't.
Look, there are five vendors for us to choose from. Vendor A is Piracy Protector Plus. They've been in the industry for 10 years, so are not a bad option, but they are a little expensive.
I'm worth billions, I don't care about money, I want protection. Vendor B... Why would anyone need US$5 million worth of cloud computing services? Probably to mine cryptocurrency. Both Clouder and World e-Sport Entertainment are based in the US. So why is Clouder making a police report in Singapore? During their internal investigation, they found a Singapore connection.
This is Fauzi bin Hamzah. Singaporean. 66 years old. Single. Fauzi signed up for Clouder's cloud computing services.
When asked to send over documents for verification of his identity, he sent this instead. He sent Jake's credit card bill instead of his own? -Yes. -How does he have Jake's credit card bill? Exactly. So Fauzi's the impostor? He stole Jake's identity? Unlikely. Fauzi has no priors, not even a traffic ticket.
Did you do a background check? I did. I couldn't find anything to connect the two. -Hello, Uncle. -Hello. Can I PayNow? -What? -PayNow... Of course you must pay now.
I mean, can I use my handphone to pay? No...we only take cash. Okay, how much? There's virtually zero overlap between Fauzi and Jake. Maybe there's something we missed. Salim, comb through Fauzi's financial records. Check his bank accounts for any suspicious activity, and focus on the credit card account that was given to Clouder.
Eunice, talk to Clouder again. See if they can give us any more information. Yes, sir. Yes, I signed up for that credit card. But I never use it.
Why is that? I prefer cash. I use a credit card for emergencies only. Have you heard of Clouder? Clouder? Is it for checking the weather? How about Jake Collins, have you heard of him? No, I've never heard of him. Does anyone else have access to your credit card? No. I live alone. And have you used your credit card for anything at all? Contest or lucky draw? Or a special offer? Yes, there was a special offer. A free gift. I redeemed a water bottle.
Do you remember the name of the website or where you redeemed it from? No. My friend messaged me the link, and I just clicked on it. Why are you asking? Mr Fauzi, we suspect that your credit card has been used to make unauthorised transactions. Please call your bank immediately to cancel it. Okay... I spoke to Fauzi. He doesn't know anything about the case. There're no red flags or suspicious activity relating to his credit card or bank account.
He's clean, which means it's a dead end. So he's also a victim of identity theft, just like Jake Collins. Eunice, any updates? Can we assist you with anything further? Yes. Can you send us the transaction and communication records you had with the person posing as Jake Collins? Including the logs access? That might help us. Will do. I will compile everything and send it to you. Thank you. Did you uncover any fresh leads?
As a matter of fact, yes. Our team just surfaced it a few hours ago. One of the times when the imposter logged in to his Clouder account, his IP address originated from Singapore. So the imposter triggered Clouder's services from Singapore? According to Clouder, it was only once. But a Singapore IP address by itself doesn't necessarily mean anything. It's still a lead. Where did the IP address lead to?
To a retired couple in their 70s. Mr Ho Hup Yuan and his wife, Mrs Ho Soo Hoon. No prior records for both. Salim, do a deep dive into their financials.
Check for any links to Jake Collins, Fauzi bin Hamzah, and Clouder. Yes, sir. Clouder also sent the transaction and communication records between them and the person posing as Jake Collins. I will go through them and see if I can discover anything.
Okay. Salim, look at this. In his correspondence with Clouder, the imposter has been using this email address. But then, in one email reply, he used a different email address. He slipped up.
Olorin. Does it mean something to you? Olorin is the original name of Gandalf the Grey in "Lord of the Rings". So whoever the imposter is, this person is likely to be into fantasy fiction? Seems likely as it's not a commonly used user ID. If Olorin is not a commonly used name... Let's trawl the Internet and dark web. Go through social media, forums, photos, videos.
Olorin6565. Good idea. If it pops up anywhere else, we'll be able to trace any activities, interests or online presence that he has. And finally get a lead on this imposter's identity.
Any updates? We found a user ID linked to our impostor. Olorin6565. He left his trail all over the Internet. It looks like our imposter has a deep interest in fantasy fiction, tech and cryptocurrency. We've traced the social media accounts to a Ho Jun Jia. Unemployed. He has priors for traffic and drug offences. Ho Jun Jia.
Any relation to the Mr and Mrs Ho we looked at yesterday? He's their son. Same registered address too. Are they in cahoots? Maybe. Did you manage to find anything on the family's financials? Mr and Mrs Ho look clean, nothing suspicious. But Jun Jia's bank account tells another story. Several inflows from a cryptocurrency exchange, as well as multiple online purchases. Just as we suspected, he's using Clouder's computing power to mine cryptocurrency.
So Jun Jia impersonated Jake Collins and used his credit card to pay for the cloud computing services. Then Jake is left with the bill, but the cryptocurrency that has been mined belongs to Jun Jia. It's like he's converting Jake's credit to money for himself. Let's get him. I'm Senior Investigation Officer Tony Guee from the Technology Crime Investigation Branch.
-Are you Ho Jun Jia? -Yes. Please step outside. You are under arrest for offences under the Computer Misuse Act. Cuff him.
Do these all belong to you? There's this dark web forum, I go there to advertise my services. What services? People pay me to make fake US driving licences for them. Because of my services, I can access a "Staff/VIP" section.
In there, I found names, addresses and credit card information of about 70 people. Then I hit the jackpot! Jake Collins' credit card details for sale on the dark web! In the past one to two years, Jake Collins suddenly made it big in tech. I had Jake Collins' credit card details, but I was sure he would have enabled Two-Factor Authentication. If I used his credit card, he would get a One-Time Password notification via SMS or email. So I had to bypass that.
I created another email address, firstname.lastname@example.org I just had to remove an 's' in the email address. Barely noticeable unless you're paying attention. But to change Jake's email address in the bank's website, I had to answer a security question. Then I remembered an interview that Jake had done.
So, Jake... -Can I call you Jake? -Yes. Tell us, who is your greatest inspiration? Jeff Bezos? Steve Jobs? Bill Gates? All inspiring men, right? They are fantastic. But my inspiration is a little closer to home. My mum.
She is the most courageous woman I know. She'd always tell me these stories of when she was a kid. She would always get into trouble, and my grandmother would go, "Helena Worther, what did you do this time?" And she did it a lot. This was something that was always said. I'd love to meet Helena Worther one day. She's great...
Jake Collins probably forgot the security question he set when he first got the credit card. He wasn't even famous then. Now, thanks to his fame, I knew his mother's maiden name.
With that, I changed Jake's email address to the fake one that I had created. Now I had access to his credit card. Do you know the credit limit for someone who makes US$500 million in revenue a year? You wouldn't believe me even if I told you. But I needed a way to convert his credit into cash for me. I created a Clouder account with his credit card and the fake email address.
Then I bought cloud computing services and used it to mine cryptocurrency. I sold some cryptocurrency on a local website for about $350,000. I also used some to gamble. Is Jake Collins the only person you have impersonated? No. Just the most famous one. So how did Jun Jia end up sending Jake Collins' credit card bill to Clouder when he impersonated Fauzi bin Hamzah? He didn't say, but I guess he slipped up. Tried to juggle too many cons at once.
Just like how he slipped up with the email address. You know, if even a tech guru like Jake Collins can fall prey to identity theft, then anybody can become a victim. That's why we have to be more diligent about our privacy and data, and continue to spread awareness about it. In the case you have just seen, over US$5 million was cheated from a victim through credit card identity theft.
The magnitude and sophistication of the cybercrimes committed by the suspect was evident in how the offences spanned jurisdictions. Thanks to the ingenuity and tenacity of officers from the Technology Crime Investigation Branch, the suspect's malicious cyber activities were effectively disrupted. As identity theft becomes more common, members of the public are advised to be more vigilant about safeguarding your personal information and accounts. Follow these three tips. One, always enable Two-Factor Authentication on all online accounts. Two, remember to use strong passphrases and change them on a regular basis.
Three, never share your login details with others. If you own an Android phone, then you are in danger of falling prey to the Android malware scam. There has been a rise in scammers tricking victims into downloading malware on their Android phones. In the first quarter of 2023, at least $445,000 was lost to such scams. It begins when a scammer asks a victim to download an app to make reservations for home cleaning, restaurants, or other services and products. But the app contains malware, which will access the information on a victim's phone.
Once downloaded, the malware can steal the personal, credit card and banking details of victims. Scammers will then use such information to conduct unauthorised transactions and steal the money of victims. Today, we're going to see if the average person can tell whether an app is legit or not. All right, let's take a look at this app.
"Super stonks, invest with us today." If you click on "open"... Notice the battery? Suddenly, it's down to 5%. -Do you think this is legit or not? -I don't think so.
I think it's legit because sometimes, your phone just does that. Maybe you've been using it for a long time? -No...I don't think it's legit. -Why? The whole format looks very basic, and also, it's draining the battery, which means it might be mining something in the background or performing some other processes. Let's take a look, and you are right! Okay, next up, a workout app.
There is a new version of this app, and if I were to click on "update now"... Updating... It's kind of suspicious. -I think it's fake as well. -Why?
Usually, updates go through... the Google Play Store, or something like that. I think it's legit. Sometimes, with some apps, you can update it while the app is opened, you don't have to exit it and you don't have to go into the app store. That is absolutely fine.
All right, let's take a look at this one. The same app would like to access your SMS, would like to access your camera, would like to access your microphone. It doesn't seem legit. No, I don't think it's legit. I think it's legit. Does the app really need to use it? It depends, but nothing about the app is advertising cameras.
I usually just allow access. Regarding the SMS, maybe it's a reminder or something. If the app has to send you a notification, it does not need to access your SMS messages. It can still send you an SMS anyway, but you're giving it two-way access now. So this is something that you have to be very careful about because this app is indeed not legit.
Okay, the same app, asking you to sign up for an account. -Legit or not? -Legit, a lot of apps do ask for that. I think it's legit because apps sometimes do require you to create an account, so that they can store your information. In this case, it would be things like your workout information.
Smart girl! It is very normal for apps to ask that, to sign up for an account, so this is legit. Now let's check out this other one. Everyone smiles when they see this page. Mike Lim. What's happening in the background?
Fast cash, easy services. Downloading, downloaded. No, I don't trust Mike. -You don't trust Mike? -No... Immediately, this is a sign of a non-legit app because if there is an app that's downloading in the background without your permission, then obviously, it might be downloading a scam, it might be accessing different services on your phone.
But what can you do when this happens? Usually, I will look for it in the background and delete it immediately. Uninstall the app immediately? The thing you should do is put your phone on flight mode, and then go to the authorities. By uninstalling the app, it actually deletes traces of whatever the scammers have taken away from you. This is information that the police would need, so keep the app, turn on flight mode and go to the authorities. Okay, I'm just going to get your help to scan two QR codes, and then you tell me if these apps are legit or not.
This is not legit because it says "jailbreak". Firstly, it says "workout app premium hack". I've not really seen apps that say there's a hack to log in and get something free. This is not the official... Google Play Store, so generally, I would stay away from it. You got that right, Francis, this app is not legitimate.
-Okay, next up. -Okay. I think this is kind of legit. There are a lot of reviews, and there is a certification from a government technology agency. Personally, I don't think I would download it. -You won't download this app? -Yes. Now let me tell you this.
Please download it. Okay? The ScamShield app actually helps you to block blacklisted numbers, SMSes from potential scammers. The government team has been working very hard on this app to make sure that people do not get scammed.
So ScamShield is definitely legit. So how can we protect ourselves and our mobile phones from scammers who are trying to get in? You can ACT against scams. Remember, Add, Check, and Tell.
These three simple but important steps will safeguard you against scams. One, ADD the ScamShield app. The ScamShield app maintains a database of blacklisted numbers linked to scams.
So if a scammer messages you and gets you to download an app containing malware via Android mobile phones, ScamShield will be able to detect these messages and alert the users, protecting you and your phone from such scams. Two, CHECK for scam signs with official sources. Is your phone exhibiting signs that you have downloaded an app with malware? Go to the official website and check that the app is legitimate.
Also, remember to only download apps from official app stores such as the Google Play Store. Finally, TELL your family and friends about the Android malware scam. If you suspect you have fallen prey to the scam, tell the police immediately, call your bank, and turn on flight mode on your phone. If you need advice, you can also call the National Crime Prevention Council's Anti-Scam Helpline or go to its website.
Remember, we can all ACT against scams. Spot the signs, stop the crimes. We have come to the end of this episode of "Crimewatch".
I'm DSP Benjamin Tan. Until next time, do your part to prevent, deter and detect crimes. Captions: Gayle Mak, Mediacorp Pte Ltd