Singapore residents have been targeted in a new scam where they receive a phone call purportedly from the delivery service DHL that request personally identifiable information.
Trend Micro said the campaign was first spotted during the first quarter of 2016. Each attack kicked off with the victim receiving a phone call saying they had received a package and then asked for information including name, address, National Registration Identity card number, passport number and bank account details so the package could be tracked down.
To add insult to injury, and steal even more information, the cybercriminals in some cases asked for the victims to download malicious apps. The app would allow the thieves to intercept any text authentication codes sent by a bank.
Trend Micro reported it used information from Google Play to pin the app developer's location to Taiwan.
