Singapore lost S$913.1 million to scams in 2025 — a 17.9% drop from the S$1.1 billion recorded the year before, according to the Singapore Police Force’s Annual Scam and Cybercrime Brief 2025, released in February 2026. The number of cases also fell by 27.6%, from 51,501 to 37,308. The headline figures suggest progress. But a closer look at the data tells a more troubling story: the average loss per victim is rising, artificial intelligence is making scams harder to detect, and a new category of deepfake-enabled impersonation scams is emerging that even tech-savvy individuals struggle to identify in time.
Why Scams in Singapore Are Getting Harder to Spot in 2026
Eddie Jui, a Singapore taxi driver and YouTuber known as LazyCabbie, nearly lost his YouTube channel — and everything on it — to a scam that unfolded over more than two weeks. The approach began with a professional-looking collaboration offer from what appeared to be a marketing agency he had worked with before. There were no suspicious links, no grammatical errors, no sense of urgency. The email looked legitimate down to the sign-off and social media buttons.
“The way they write is very professional — even the sign off and everything,” Jui said. “I kind of let my guard down.” (LazyCabbie, YouTube)
The scammers exchanged six to seven emails with Jui over the course of the campaign before making their move — an invitation to a video conference, followed by a request for remote access to his computer under the guise of helping him connect to the call. Jui refused at the last moment.
“They are very patient now. They don’t give you that urgency at the first point of contact. They hook you in first with something legit that’s relevant to your trade — and then they slowly throw in the urgency factor,” Jui said. “That’s the scary part.” (LazyCabbie, YouTube)
What Jui encountered is part of a documented and growing threat. According to a December 2024 report by Cybernews, one threat actor alone was using 340 SMTP servers, each sending 500 to 1,000 phishing emails daily, targeting YouTube creators with fake brand collaboration proposals. Jui’s instinct to refuse remote access likely saved his channel and personal data. But the scam he faced is just one of at least six prevalent types now targeting people in Singapore.
E-Commerce Scams: The Most Common, But Least Costly Per Victim
E-commerce scams remained the most frequently reported scam type in Singapore in 2025, with 6,703 cases and total losses of S$16.7 million — an average of S$2,503 per victim. The typical modus operandi involves a fraudulent seller on Carousell or Facebook Marketplace who collects payment for an item — commonly concert tickets, electronics, or hotel bookings — and disappears.
In December 2024, a variant targeting sellers rather than buyers emerged: scammers posing as buyers on Carousell and Facebook Marketplace defrauded at least 877 individuals of more than S$830,000 by tricking them into providing banking details through spoofed websites. According to SPF data, Carousell accounted for 75.5% of e-commerce scam cases in 2025, followed by Facebook at 18.6%.
Both Carousell and Facebook Marketplace have remained in the bottom tiers of Singapore’s E-commerce Marketplace Transaction Safety Ratings since the system launched in 2022, according to the Ministry of Home Affairs.
Phishing Scams: Spoofed Senders, Real Consequences
Phishing scams accounted for 6,264 cases in 2025, with S$39.9 million lost — down from S$59.4 million in 2024. The method is familiar: a fake SMS or email impersonating a bank or government agency, with a link to a spoofed login page that harvests credentials and one-time passwords in real time.
What has changed is the sophistication of the spoofing. Scammers have been impersonating official government sender IDs, including gov.sg domains, to lend messages an air of authority. In November 2025, Singapore authorities issued identifiers to Apple and Google to implement measures preventing the spoofing of government agency names in SMS headers.
In a separate joint advisory issued in March 2025, the SPF, Monetary Authority of Singapore, and Cyber Security Agency warned of AI-generated deepfakes being used to impersonate senior company executives over video calls, instructing employees to transfer funds from corporate accounts.
Job Scams: Simple Tasks, Serious Losses
Job scams recorded 5,575 cases in 2025 with S$123.5 million in losses — an average of S$22,163 per victim, making each incident significantly more damaging than the typical e-commerce or phishing case. The scam formula is consistent: a victim encounters an advertisement on social media or receives an unsolicited message on Telegram or WhatsApp offering easy, high-paying online work — rating apps, writing reviews, or completing simple tasks to boost product visibility.
Once engaged, victims are asked to pay upfront deposits or activation fees before they can begin. The work never materialises. In November 2025, SPF issued an advisory on a specific variant involving fake online business tasks that had already produced at least 215 reported cases and S$10.6 million in losses from October 2025 alone.
Investment Scams: The Biggest Money Loser
Investment scams were responsible for the largest share of scam losses in Singapore in 2025 — S$336.2 million across 5,462 cases, at an average of S$61,559 per victim. The category covers a range of approaches, but the most financially devastating typically follow a romance-investment hybrid model: a stranger makes contact via social media or a dating app, cultivates trust over days or weeks, and then introduces a supposedly high-return cryptocurrency or forex investment platform.
The platforms are fraudulent. Victims can often see apparent gains in their accounts, but find they cannot withdraw funds without paying additional fees — which disappear along with the entire balance.
AI is now accelerating these scams at scale. In October 2025, cybersecurity firm Group-IB identified a large-scale operation that misappropriated the likenesses of Prime Minister Lawrence Wong and Coordinating Minister for National Security K. Shanmugam to direct Singaporeans toward a fraudulent investment platform, using paid Google Ads and convincing fake webpages to appear credible.
Government Official Impersonation Scams: The Fastest-Growing Threat
No scam category grew faster in 2025 than government official impersonation scams. Cases more than doubled — from 1,504 in 2024 to 3,363 in 2025 — with losses reaching S$242.9 million, the second-highest of any category. The average victim lost S$72,229.
The most alarming documented case came to light in May 2026. According to SPF, a Singapore businessman received a WhatsApp message from someone posing as the Secretary to the Cabinet, Wong Hong Kuan, inviting him to a virtual meeting with Prime Minister Lawrence Wong. He was directed to a Zoom call — fabricated using deepfake AI technology — that appeared to feature PM Wong, President Tharman Shanmugaratnam, Minister Indranee Rajah, and representatives from the Monetary Authority of Singapore, alongside foreign officials purportedly from Canada and the UAE, and executives from BlackRock and the Dubai International Financial Centre.
The meeting centred on a fabricated briefing about the geopolitical situation in the Strait of Hormuz. It ended with a deepfake of PM Wong delivering closing remarks that personally acknowledged the victim’s attendance by name. Following the call, a scammer posing as a lawyer instructed the victim to transfer S$4.9 million as “urgent funding assistance” to the government. The victim complied before growing suspicious and contacting the real Secretary to the Cabinet. SPF released footage of the fabricated Zoom call on 16 May 2026. None of the participants were real.
Creator-Targeted Scams: An Emerging Sixth Category
While not yet a standalone category in SPF’s annual brief, scams targeting content creators represent a growing and documented threat — particularly for Singapore’s expanding creator economy. The method is distinct from conventional phishing. Rather than a mass-blast email with an obvious lure, these scams are precision-engineered for individual creators. According to a Bitdefender report, cybercriminals increasingly approach social media creators with fake sponsorship deals, fake AI-powered software offers, or collaboration proposals — gaining trust before deploying malware or requesting remote access.
Once a scammer gains access to a creator’s account, the channel can be locked, held for ransom, or used to livestream cryptocurrency scams to the creator’s audience. The account may also be sold on darknet markets.
LazyCabbie’s Eddie Jui came close to experiencing exactly that. He describes the evolution of the threat in terms that align with what cybersecurity researchers are now documenting formally.
“Last time, scams were more straightforward. The Nigerian prince era — you’d see it coming a mile away. Now, everything looks legit. The English is perfect. The sign-off is proper. Even got reference numbers and social media buttons,” Jui said. “And now, any Tom, Dick and Harry can write a professional business email because of AI.” (LazyCabbie, YouTube)
Jui’s channel, which has almost 20,000 subscribers and has been featured by Mediacorp and The Straits Times, was the target of a multi-week operation involving at least six to seven email exchanges before the scammer made their move. The campaign ended only when Jui refused a remote access request — an instinct, he says, he cannot fully explain.
“I don’t know why — all of a sudden I woke up from it. I was so into it already,” Jui said. “I said: I was so close to losing everything.” (LazyCabbie, YouTube)
How to Protect Yourself from Scams in Singapore
The SPF’s data makes clear that no demographic is immune. Adults aged 30 to 49 made up the largest share of victims in 2025 at 36.1%, while the elderly — though fewer in number — lost an average of S$33,672 per case. Tech literacy does not guarantee protection. As Jui put it after his own near-miss: “Even though I’m quite savvy in tech and IT — even so, how cautious I am — I can also fall into it.” (LazyCabbie, YouTube)
Verify before you act. Any unsolicited contact — whether by email, WhatsApp, Telegram, or phone call — that requests money, credentials, or remote access should be independently verified through official channels before any response. Scammers routinely spoof email addresses, phone numbers, and sender IDs. If a message claims to be from a government official, call the relevant agency directly using the number listed on their official website — not a number provided in the message itself.
Treat urgency as a red flag. Manufactured urgency is a core social engineering technique across every scam type covered in this article. Legitimate government agencies, employers, banks, and business partners do not require immediate transfers, same-day decisions, or real-time remote access. If a communication creates sudden time pressure — particularly after a period of relaxed, professional-seeming exchanges — that shift in tone is itself a warning signal.
Never grant remote access to your devices. No legitimate organisation — including government agencies, banks, or employers — will request remote control of your computer or phone as part of a routine process. Once remote access is granted, credentials, session tokens, and account access can be exfiltrated within minutes.
Use Singapore’s built-in protective tools. The ScamShield app, developed by the National Crime Prevention Council and GovTech, filters scam calls and SMSes. The Money Lock feature, available across major Singapore banks, allows users to ringfence savings so they cannot be transferred digitally even if an account is compromised. As of December 2025, nearly 479,000 customers had locked up close to S$44 billion through this feature.
Be especially cautious on Carousell and Facebook Marketplace. Both platforms have remained in the bottom tiers of Singapore’s E-commerce Marketplace Transaction Safety Ratings. Use in-platform payment methods, avoid external payment links, and use Carousell Protection for online transactions.
For content creators specifically, the threat profile is different. A professional-looking email, a known brand name, and weeks of friendly exchanges are no longer sufficient indicators of legitimacy. Verify all meeting links independently. Treat any request for remote access as an immediate termination of the engagement. Enable two-factor authentication on all Google and YouTube accounts and consider a hardware security key. As Jui noted: “Any point of time you let your guard down — only then they attack you.” (LazyCabbie, YouTube)
If you believe you have been targeted, report to SPF via the ScamShield website, call the 24-hour Anti-Scam Hotline at 1800-722-6688, or file a report at police.gov.sg. Contact your bank immediately if funds have been transferred.
What Singapore Is Doing to Fight Back
The SPF’s Anti-Scam Command (ASCom) recovered S$140.5 million in 2025, comprising S$117.7 million in fiat currency and S$22.8 million in cryptocurrency. A further S$348 million in potential losses was averted through proactive interventions, including SMS alerts sent to more than 26,000 potential victims. Seventeen transnational scam syndicates were busted through Project FRONTIER+, and Singapore’s Crypto Tracing Team, operationalised in March 2025, recovered more than S$20 million in virtual assets.
Caning for scam-related offences was operationalised on 30 December 2025. Scammers now face mandatory caning of at least six strokes and up to 24 strokes. As of 9 February 2026, a new framework had placed 550 money mules, 801 SIM card mules, and 51 corporate entities under banking and digital access restrictions. GovTech Singapore has also joined the Global Signal Exchange in partnership with Google, Microsoft, Meta, and Amazon — enabling Meta to uncover an additional 47,000 malicious assets across its platforms.
Despite the progress, the fundamental economics of scam operations remain unchanged. The UN Office on Drugs and Crime estimates that Southeast Asian scam compounds generate just under US$40 billion in annual revenue. Crackdowns on Myanmar’s KK Park and other compounds have produced temporary dispersals, not permanent closures. As long as the returns remain this large, the methods will keep evolving — and the targets will keep expanding.
