SINGAPORE – With this year’s sales season just around the corner, online shoppers will need to guard against a rise in package delivery phishing scams, which may involve scammers impersonating SingPost.

At least 631 of such scams have been reported since January 2024, with victims losing at least $1.1 million, police said in a Nov. 22 release.

Of these, at least 505 involved impersonating SingPost, with at least $955,000 lost.

Police advised people to be vigilant against such scams while waiting for their deliveries after major online shopping events, such as Singles Day, Black Friday, Cyber ​​Monday, 12.12 or Christmas sales.

With such scams, victims would receive a failed package delivery message to their address prompting them to click on a website link.

Those who click on the link to confirm their address will be directed to a phishing page that prompts them to key in their credit card details. This allows the fraudsters to then make unauthorized purchases using the victim’s credit card details.

Victims would only realize they were scammed after noticing unauthorized transactions on their cards or on their bank statements.

In its advisory, the police reminded the public that Singapore Post’s SMS sender ID is SingPost.

They added that payments to the postal provider will not be made through an online link. SingPost will also never request personal or banking information via SMS.

“If SingPost is unable to deliver an item, the public will receive a physical non-delivery notice to collect the item from a post office or POPStation,” the police said.

To avoid falling for such scams, police urged people to use the ScamShield app and set security features, such as transaction limits, on their debit and credit cards.

They can also enable two- and multi-factor authentication for their bank accounts and e-wallets.