How the scam was done:-
1. The victim downloads an app.
2. Once the app is downloaded, it grants the scammer full REMOTE access thru auto-reconfiguration of software, even turning off ring tones and more.
3. With remote access granted, the scammer will search thru files that contains passwords to bank or CPF account.
4. With such remote access, the scammer's computer screen SHARES the same screen with the victim's handphone or home computer.
5. The scammer will wait till the victim falls asleep, then start using the passwords to open up bank/CPF account, or when there is no activity from victim's hp.
6. As the scammer can see everything on the victim's handphone screen, it will be able to see any OTP sent to the phone, & use it to authorize transfers
7. The victim, who is either busy or asleep, is unaware of whatever that is happening to his phone, till he touches his phone or called by the bank or sms.
Therefore, have 2 phones & 2 bank accounts - one that is secure & only necessary apps such as from verified govt websites & banks. The other phone will be for recreational purposes, for videos, games & purchases linked to another bank account that has only $200, or top up only when necessary.