The Immigration and Checkpoints Authority (ICA) has suspended its electronic Change of Address (eCOA) service after uncovering about 80 unauthorized attempts to fraudulently change residential addresses using stolen or compromised Singpass accounts.
The fraudulent activities targeted the “others” option in the eCOA service, introduced in October 2020 to allow proxies to assist individuals in updating their addresses online. This module has been temporarily disabled while the rest of the eCOA service is under review, slated to resume on Jan. 14 with enhanced security measures.
How the Fraud Was Carried Out
The perpetrators exploited compromised Singpass accounts by acquiring victims’ NRIC numbers and issue dates, enabling them to change addresses through the eCOA service. A verification PIN mailer was sent to the new fraudulent address, which the perpetrators used to confirm the change. This new address was then used to reset Singpass account passwords, allowing access to the victims' accounts for further criminal activity.
According to ICA Commissioner Marvin Sim, the motive appeared to be the creation of mule accounts to facilitate scams and cybercrimes. There was no indication of foreign actors’ involvement, and the suspects are believed to be locals.
ICA's Response
Following reports of unauthorized changes since September 2024, ICA launched investigations that revealed a growing number of cases, prompting immediate action. Commissioner Sim stressed that the issue was not due to a system glitch but a deliberate misuse of the service.
In a press conference, Sim assured that ICA is committed to acting decisively against such activities and emphasized the importance of protecting personal data and public trust in digital government services.
Enhanced Security Measures
To prevent future misuse, ICA announced plans to introduce face verification technology for Singpass logins and is considering a One-Time Password (OTP) requirement for the proxy module. The OTP would ensure that individuals explicitly authorize address changes made by proxies.
The proxy option will remain suspended until ICA is confident that additional safeguards are effective.
Support for Affected Individuals
ICA is assisting victims by reverting their addresses and replacing compromised NRICs with updated issue dates. Those whose Singpass accounts may have been compromised will have their accounts reset in collaboration with GovTech.
Members of the public are encouraged to verify their registered addresses on ICA’s website and report any inaccuracies immediately.
Interim Measures
While the eCOA service is temporarily unavailable, individuals needing proxy assistance can visit the ICA Building’s IC Unit during operational hours.
The Singapore Police Force (SPF) confirmed that investigations are ongoing but declined to comment on whether arrests had been made or if other government services had been accessed using compromised accounts.
Comments
Post a Comment