Select Page
Singapore Authorities Warn Against Unauthorised Contactless Payment Fraud

On 17 February 2025, the Singapore Police Force (SPF), Cyber Security Agency of Singapore (CSA), and Monetary Authority of Singapore (MAS) jointly issued the Joint Advisory on Unauthorised Card Transactions Made Using Contactless Payment Methods in Singapore. The advisory reminds the public to exercise caution when entering credit card details online and highlights the increasing abuse of phished card credentials by scammers.

According to the advisory, fraudsters typically obtain victims’ card credentials through e-commerce phishing websites and social media advertisements. Once they acquire the information, the scammers add the stolen card details to an Apple wallet on their own devices. Victims are then tricked into entering an SMS One-Time Password (OTP) on the fraudulent website, granting scammers full control of their cards. The scammers collaborate with money mules, who use mobile devices linked to the fraudulent Apple wallet to make in-person purchases via Near Field Communication (NFC) mobile payments, commonly used for buying luxury goods and high-value electronics.

From 1 October to 31 December 2024, 656 reports were lodged regarding phished card credentials being used in mobile wallets, with total losses exceeding $1.2 million. Of these cases, at least 502 involved Apple Pay-linked cards.

The SPF, CSA, and MAS are working with banks, mobile wallet providers such as Apple, and card service providers to implement additional measures to curb these fraudulent transactions. Authorities urge all stakeholders to cooperate and strengthen security measures to protect consumers.

To prevent falling victim to such scams, the advisory recommends the “ADD, CHECK, and TELL” approach. Users are advised to install the ScamShield app, lower transaction notification thresholds, and disable international card usage when not travelling. They should also monitor OTPs and transaction alerts, report any unauthorised provisioning of their cards to a mobile wallet, and exercise caution with unsolicited links and QR codes.

(Source: https://www.mas.gov.sg/news/media-releases/2025/joint-news-release-by-spf-csa-and-mas)