Ghost-Tapping: the new cybercrime technique challenging corporate security strategies

Digital fraud is evolving at an astonishing pace, fueled by accessible technologies and global criminal networks. In Southeast Asia, an innovative technique has been raising concerns among authorities and the business sector: ghost-tapping.

This scheme combines social engineering, theft of banking data, and the strategic use of luxury retail to launder money, creating an ecosystem that is extremely difficult to trace.

For banks, companies, and retailers, understanding how ghost-tapping works is essential to anticipating financial and reputational risks.

What is Ghost-Tapping?

Ghost-tapping  is a type of fraud that involves loading stolen credit or debit card information onto disposable mobile phones. These devices then operate as cloned digital wallets, enabling purchases in physical stores.

The process, step-by-step

  • Credential theft: criminals obtain data through phishing, social engineering, and mobile malware.
  • OTP interception: the one-time password sent to the victim is captured by hackers.
  • Loading onto phones: the data is transferred to prepared devices.
  • Sale on Telegram: “infected” phones are traded in underground groups.
  • Money mule operations: recruited individuals purchase luxury goods, which are then resold through the same channels.

The result is a cycle of fraud and money laundering that merges the digital environment with high-value physical transactions.

Criminal Channels and the Scam Infrastructure

Ghost-tapping is sustained by a robust network of criminal services. Platforms such as Huione Guarantee, Xinbi Guarantee, and Tudou Guarantee provide everything from specialized software to ready-to-use devices for fraudulent activities.

Even after the announcement of Huione Guarantee’s shutdown, groups continue to exploit its brand and alternative platforms to market these services.

In addition, Telegram has become a true parallel marketplace, where prepared phones and luxury goods acquired through fraud are resold, completing the criminal chain.

Singapore at the Center of Operations

Singapore, recognized as a luxury shopping hub and financial center, has become one of the main targets of ghost-tapping.

In the last three months of 2024, local police recorded 656 cases of stolen credentials, used in fraudulent digital wallets, resulting in losses of USD 1.2 million.

Recent arrests of Chinese and Taiwanese citizens highlight that foreign money mules are being drawn to the country exclusively to carry out the physical phase of the fraud.

Impacts on Companies and Strategic Sectors

  • Banks and financial institutions: face a growing risk of digital fraud and must adopt stronger multi-factor authentication along with real-time monitoring.

  • Luxury retail: stores become a vulnerable link, used as a channel to convert illicit money into tangible goods.

  • Companies in general: beyond exposure to financial losses, there is reputational risk and the need to strengthen compliance practices.

What International Organizations Are Saying

The United Nations Office on Drugs and Crime (UNODC) has been warning about the rapid growth of digital scam operations in Southeast Asia. According to the agency, these crimes are sustained by a complex ecosystem that provides technology, logistics, and money laundering services.

Ghost-tapping, therefore, is not an isolated phenomenon but part of a broader criminal machinery that connects different countries and economic sectors.

Conclusion and recommendations

Ghost-tapping highlights the adaptability of criminal organizations, which exploit digital and physical vulnerabilities in an integrated way. For companies, banks, and retailers, the challenge goes beyond technical prevention: it requires international cooperation, stronger compliance, staff training, and consumer awareness.

Anticipating these threats is not only a matter of security, but also of business strategy and protecting corporate reputation.