Chat CIMB kena hack?
|
|
 Dec 16 2018, 11:28 PM
|
 
Junior Member
244 posts Joined: Jun 2006 From: the bolehland..  
|
QUOTE(Skylinestar @ Dec 16 2018, 11:24 PM) Bank so stupid no check thumbprint? I'm not sure with this, perhaps there could be other ways to bypass this. Perhaps a replacement credit card sent straight to the home address? It is easy getting CC replaced without going to the bank. Nowadays you don't need to go to banks to get things done. |
|
|
|
|
|
Dec 16 2018, 11:29 PM
Show posts by this member only | IPv6 | Post
#62
|
Senior Member
4,403 posts Joined: Jan 2007 From: Johor Bahru
|
QUOTE(Supreme1394 @ Dec 16 2018, 10:40 PM) Oh shit,,I login via the app yesterday, it prompted the captcha "click all the images containing traffic lights". So I did, should I be worried? Bank account still same balance. I kena also..but it was due to wrong password which I swear is correct. Dem..now I dun dare open to check the balance. |
|
|
Dec 16 2018, 11:30 PM
|
|
Junior Member
244 posts Joined: Jun 2006 From: the bolehland..
|
QUOTE(swks26 @ Dec 16 2018, 10:59 PM) CIMB increased the character count above 8 recently. But yes, it was mind boggling that they capped it at 8 before. Now they force you to add in special character in their password. Lagi menyusahkan. Really half pass six implementations. Instead of making life hard for 1 time, they make life hard everytime someone login! Their app and website really lack user-friendliness. I remember I send in CC enquiry via their website compose message box, the stupid bank officer have the cheek to ask for a reply reason. Problem is, there isn't a reply button! KNS.. I had to compose a new message again. This post has been edited by jimmyktp: Dec 16 2018, 11:34 PM |
|
|
Dec 16 2018, 11:34 PM
|
Junior Member
324 posts Joined: Mar 2008
|
QUOTE(jimmyktp @ Dec 16 2018, 11:12 PM) It is super easy. Omg shit... they dont check finger print when making a new IC ka?Coupled with installing Cerberus app on an unsuspecting phone, I can even read or send sms from my computer/phone Note: Cerberus is a legitimate app but could be easily misused. Let's take this as a scenario: 1. You went overseas for holiday bringing your phone with you. Someone knew you are not in the country. 2. Scammer goes to police station and make a report saying lost IC (pretending as you). 3. Using the police report, goes to make a temporary IC. 4. Using temp IC and police report, makes a report with telco to get them reissued a replacement sim card. 5. You realised your phone cannot use while you were in overseas. You didn't bother because you think you will sort it out when u come home. 6. Scammer can get banks to reissue a new CC, or if they already have your username and password, you GG because now any new sms from banks to you will be sent to the replacement sim card which is being held by the scammer. 7. See how powerful if someone gets your Phone Number?? A chain is only as strong as the weakest link. The phone number is the weakest link! *Happened to my friend's dad* A big foreign bank in Malaysia who is famous with issuing CCs wanted to sue my friend's dad* The suit was thrown out eventually. |
|
|
Dec 16 2018, 11:35 PM
|
Junior Member
53 posts Joined: Sep 2013
|
this recaptcha shit is fucking stupid, can they not disable this on their site?
|
|
|
Dec 16 2018, 11:36 PM
|
|
Junior Member
244 posts Joined: Jun 2006 From: the bolehland..
|
QUOTE(DeniseLau @ Dec 16 2018, 11:34 PM) Omg shit... they dont check finger print when making a new IC ka? That one I not sure, but it happened in 2005. Last time you need to hold your temporary paper IC for a month and wait for your MyKad. Now you can get it on the day itself. But what I wanted to stress here is, Phone Number is not a secure method especially for banks. This post has been edited by jimmyktp: Dec 16 2018, 11:37 PM |
|
|
|
|
|
Dec 16 2018, 11:37 PM
Show posts by this member only | IPv6 | Post
#67
|
Junior Member
67 posts Joined: Jan 2013
|
QUOTE(jimmyktp @ Dec 16 2018, 11:28 PM) I'm not sure with this, perhaps there could be other ways to bypass this. Perhaps a replacement credit card sent straight to the home address? It is easy getting CC replaced without going to the bank. I wanted to collect my replacement card from a designated branch but was told the bank does not allow that anymore and it MUST be couriered to me.Nowadays you don't need to go to banks to get things done. |
|
|
Dec 16 2018, 11:37 PM
|
Senior Member
3,968 posts Joined: Sep 2012
|
so what's the fuss now, because they publish this captcha thing without prior notice to us? Or were they legitimately hacked, that's why added this captcha thing? Or they dont have answer why got this captcha thing appearing for some users?
zzzzz |
|
|
Dec 16 2018, 11:38 PM
Show posts by this member only | IPv6 | Post
#69
|
Junior Member
183 posts Joined: Nov 2011 From: belakang lu bro
|
So cimb stock turun?
BBBBBBBB UUUUUUUU |
|
|
Dec 16 2018, 11:39 PM
|
Senior Member
545 posts Joined: Mar 2006 From: The Weirdo River O_o
|
Tried app login. Put in correct username and correct image and correct password. Immediately prompt alert ask me go to their website to change password. De fuck? I just successfully login last week.
|
|
|
Dec 16 2018, 11:39 PM
|
|
Junior Member
244 posts Joined: Jun 2006 From: the bolehland..
|
QUOTE(EdBaaBaa @ Dec 16 2018, 11:37 PM) I wanted to collect my replacement card from a designated branch but was told the bank does not allow that anymore and it MUST be couriered to me. If you not at home then GG lah.. If the postman/courier man hardworking, they will take it back. If not, they just drop into your house letterbox, even easier for the scammer to climb over your fence and collect the letter for u.. HAHA |
|
|
Dec 16 2018, 11:40 PM
|
Senior Member
3,669 posts Joined: Apr 2006
|
Aik? se7en keeps on changing the frontpage title.
|
|
|
Dec 16 2018, 11:42 PM
Show posts by this member only | IPv6 | Post
#73
|
Senior Member
686 posts Joined: Jun 2012 From: Egypt
|
so reCAPTCHA not an issue?
|
|
|
|
|
|
Dec 16 2018, 11:42 PM
Show posts by this member only | IPv6 | Post
#74
|
Junior Member
384 posts Joined: Feb 2005 From: Bahamut's Lair
|
We got so many aunties and uncles that can't even comprehend on how to login properly. 2FA will just make them think they're living in a different planet. Although I really want 2FA also, I can understand how it feels for the bankers to actually teach uncles and aunties about how to setup and actually use it.
|
|
|
Dec 16 2018, 11:43 PM
|
 
Admin
1,806 posts Joined: Jan 2003 From: Captain's Cabin, Black Pearl 
|
QUOTE(JohnLai @ Dec 16 2018, 11:40 PM) Aik? se7en keeps on changing the frontpage title. sorry about that, the more we dig, the more shit we are getting. for now, all i can say is this is going to be VERY bad. |
|
|
Dec 16 2018, 11:43 PM
Show posts by this member only | IPv6 | Post
#76
|
|
Senior Member
4,403 posts Joined: Jan 2007 From: Johor Bahru
|
Anyone can verify if I check balance using android CIMB apps with fingerprint will have issues or not?
|
|
|
Dec 16 2018, 11:43 PM
|
|
Admin
1,806 posts Joined: Jan 2003 From: Captain's Cabin, Black Pearl
|
QUOTE(alpha001 @ Dec 16 2018, 11:42 PM) so reCAPTCHA not an issue? i can safely say now, they abruptly implemented the recaptcha, to avoid further damage. |
|
|
Dec 16 2018, 11:44 PM
|
Junior Member
109 posts Joined: May 2013
|
QUOTE(alpha001 @ Dec 16 2018, 11:42 PM) so reCAPTCHA not an issue? Most probably no, the captcha reports back to genuine google servers |
|
|
Dec 16 2018, 11:44 PM
|
Junior Member
34 posts Joined: Jun 2006
|
i find it a bit odd that they introduce the recaptcha, at around the same time they introduce duitnow. i wonder if duitnow has caused some security issues.
|
|
|
Dec 16 2018, 11:44 PM
Show posts by this member only | IPv6 | Post
#80
|
|
Senior Member
3,669 posts Joined: Apr 2006
|
QUOTE(se7en @ Dec 16 2018, 11:43 PM) sorry about that, the more we dig, the more shit we are getting. for now, all i can say is this is going to be VERY bad. So.....I presume it is pointless for us to change cimb password right now?  |
| Change to: |  0.0151sec
 0.76
 6 queries
 GZIP Disabled
Time is now: 10th December 2025 - 05:32 PM |
Quote