The arrests come after ICA revealed on Jan 11 that perpetrators were exploiting stolen or compromised Singpass accounts to fraudulently alter the addresses of unsuspecting victims.
ICA’s investigations began in September last year after receiving reports from members of the public who encountered unauthorised changes to their residential addresses.
By last December, it found that the perpetrators had used stolen or compromised Singpass accounts to change the residential addresses of the victims through the “Others” option – which allows the change of address by a proxy.
The police said that following the discovery of the series of unauthorised attempts to change registered residential addresses, they visited the addresses of those affected.
“Four out of 32 valid addresses to where PIN mailers were sent were found to have unsecured or faulty letterboxes, and this would have enabled the perpetrators to easily get the PIN mailers,” the police noted, adding that the victims were advised to secure their mailboxes.
Investigations are still ongoing and the police said on Friday they will spare no effort to track down further suspects.
The offences under the Computer Misuse Act carry jail sentences of up to three years, fines of up to S$10,000, or both.
