Singapore’s Ministry of Home Affairs (MHA) has announced that Carousell and Facebook Marketplace must authenticate the identities of all sellers if they do not significantly decrease the number of scams reported on their platforms.
Initially, these platforms must focus their verification efforts on so-called risky sellers. The MHA will assess the effectiveness of these measures over the next six months. Should the number of scams not drop considerably, a more comprehensive identity verification will become mandatory.
Effective June 24, 2024, the new measures introduce codes of practice for online communication and e-commerce services. These include an e-commerce code that mandates user verification against government-issued records and the implementation of payment protection mechanisms.
By December 31, platforms such as Facebook, WhatsApp, Instagram, Telegram, WeChat, and Facebook Marketplace, known for their scams, must adhere to these codes. Failure to implement these measures adequately could result in further requirements and potential criminal penalties.
“I believe these new regulations put Singapore in the right direction,” said Abhishek Kumar Singh, Head of Security Engineering at Check Point Software Technologies. “This is because there is currently no regulation that can effectively verify seller identities on these marketplaces. This year alone, it was reported that there have already been over 400 victims allegedly losing SGD1.8 million to fake buyer phishing scams on Facebook and Carousell. This alarming trend does indeed highlight the need for more stringent measures to protect consumers.”
“Enforcing user verification against government-issued records and establishing payment protection mechanisms is essential for accountability,” he added. “This approach should also help to lower the risk of recent surfacing threats like QR code phishing, where scammers distribute fake QR codes that lead users to malicious websites or apps designed to steal personal information or money, and social engineering attacks, such as impersonation tactics on social media platforms, aimed at tricking users into disclosing sensitive information or making fraudulent transactions.”
