7 months ago, ....

Banks to tighten security, remove clickable links in SMSes or e-mails sent to retail customers, within the next two weeks after OCBC phishing scams

https://www.straitstimes.com/business/banki...curity-in-spore

Malaysia has yet to implement it.


This post has been edited by MUM: Aug 22 2022, 06:18 AM

From my past several months observations,i feel that the most dangerous banks are hong leong bank and CIMB, second most dangerous banks are rhb,ambank and public bank.The rest also got theft cases but not so many.

https://www.facebook.com/ohmedianetwork/pho...63324840519572/

tabung haji also kena nowadays



This post has been edited by download88: Aug 30 2022, 03:25 PM

Maybank ?

2 more cases reported.

RM7k HLB



RM82k
https://www.enanyang.my/%E8%A6%81%E9%97%BB/...%84%E5%89%A9800

PBB 7SEP2022

https://www.facebook.com/groups/10624883604...sn=mo&ref=share

Yea, how about Maybank too?

Could be cause of these banks are more popular and have more customers thus looks to be having higher fraud rates, while "the rest" looks to have lesser cases as with lesser customers, likely.

This was implemented at the bank I was working at. On one hand, we received loads of customer complaints because trying to navigate over to the location was difficult and without the link the call to action, this brought the numbers of conversions down by double digit from both a sales perspective.

I just received this email. No sender's email, don't know the guy in the photo. Scary



This post has been edited by LemonJane: Sep 20 2022, 02:00 PM

This is why I have changed my TAc SMS to a Nokia dumb phone with no data line.

BNM unveils new measures to strengthen safeguards against financial scams

https://www.thestar.com.my/business/busines...#openShareModal

KUALA LUMPUR: Bank Negara Malaysia (BNM) today announced five additional security measures to be taken by financial institutions in a bid to strengthen safeguards against financial scams, especially online ones.

Governor Tan Sri Nor Shamsiah Mohd Yunus said the modus operandi used by criminals will continue to evolve.
"BNM is therefore continuously intensifying efforts and taking steps to combat scams by introducing additional controls and safeguards from time to time,” she said at the launch of the virtual Financial Cime Exhibition today.


Among the latest measures is requiring financial institutions to migrate from SMS One Time Passwords (OTP) to more secure forms of authentication for online activities or transactions relating to account opening, fund transfers and payments, as well as changes to personal information and account settings.

Nor Shamsiah said financial institutions will also further tighten fraud detection rules and triggers for blocking suspected scam transactions.

"Customers will be immediately alerted when any such activity involving their banking accounts is detected. As an additional measure, financial institutions will block such transactions, and customers will be asked to confirm that such transactions are genuine before they are unblocked,” she said.

Third, a cooling-off period will be observed for the first-time enrolment of online banking services or secure devices, during which no online banking activity is allowed to be conducted.

Moreover, the governor said, customers will be restricted to one mobile or secure device for the authentication of online banking transactions and financial institutions will be required to set up dedicated hotlines for customers to report financial scam incidents.

"Financial institutions have been directed to be more responsive to scam reports lodged by customers. They have also been directed to facilitate efforts to recover and protect stolen funds, including to work with relevant agencies to prevent further losses,” she said.

Nor Shamsiah noted that BNM requires banks in Malaysia to adopt high standards of security, especially for Internet and mobile banking services.

"From time to time, the central bank also issues security advisories to the financial industry highlighting the latest modus operandi of scammers and additional security measures that banks need to implement to protect their customers' savings,” she said.

Nor Shamsiah said the Royal Malaysia Police (PDRM) plays an important role in combating scams, and has implemented various initiatives on this front, including establishing the Commercial Crime Investigation Department (CCID) Scam Response Centre to facilitate the public’s reporting of financial scams.

"BNM will work together with PDRM, the Malaysian Communications and Multimedia Commission (MCMC), and the National Anti-Financial Crime Centre to further elevate the CCID Scam Response Centre as a more systematic information sharing platform that will enable quicker action to prevent further losses,” she said.

According to her, an important aspect in dealing with financial scams is raising public awareness, including of scam tactics used by criminals and the steps that the public can take to avoid becoming victims.

"In this regard, BNM, the financial industry and law enforcement agencies will continue efforts to enhance the effectiveness of awareness programmes and improve on the dissemination of information to the public,” she added.

The virtual Financial Crime Exhibition, organised by the the Museum and Art Gallery of BNM together with PDRM, is aimed at educating the public on financial fraud and can be accessed at https://museum.bnm.gov.my/fce.

It was officiated jointly by Nor Shamsiah and Inspector-General of Police Tan Sri Acryl Sani Abdullah Sani. - Bernama

Another simple method. Allow user to disable midnight transactions. Say between 12am to 7am. A lot of cases happens when you are sleeping. Surely most people don't do shopping midnight (unless got those sales) and anything so urgent meh? Can always wait to transfer in the morning.

seem like great idea but why separating tac phone and bank apps ya?
sad that we need to take all these security precautions on our own hand

Because smartphone too smart. One of the common hack is via malware downloaded, once they have your Id and password, they need the TAC to make setting changes and transactions approval. If the TAC is sent to the same phone (usually it is for most people), they will be able to redirect that TAC to them and delete the TAC from your phone, hence a lot of cases users claim didn't receive any TAC. If your TAC is received on the dumb phone, even your smartphone hacked, they can't do anything because they don't have the TAC. It is near impossible to hack dumb phone...no app store to download, don't have USb port, and don't subscribe any data line to it.

Woah quite detail tips...
👍

Or user set which time period to do transactions.... Give options to disable from time to time 💪

No longer useful once banks retired TAC and migrate to SecureTAC next month.

I will update the process next month again.

Many banks allowed separate numbers for TAC and emergency.

Why separate? Because scammers can spoof the bank's phone numbers.

If everything goes to your only number, scammers can exploit it easily with apps or links.

1. Use Truecaller to identify and filter out known scammers. Install on both phones if possible.

2. On primary phone, u can install the usual social media and messaging apps but no banking related or wallet apps.

3. On secondary phone, use a different number solely for data but block all incoming and outgoing calls. U then install all banking related apps like normal. Activate SecureTAC on the bank apps and tie to the secondary phone number only. A dumb phone no longer useful due to the lack of TAC. No social media or messaging apps.

4. Be sure to fill in your contact numbers properly. For the bank to contact u, use the primary number and for SecureTAC, use the secondary number. Some banks may require u to enter the secondary number from the ATM or online.

For my case, I'm using the A72 as primary phone with everything loaded. For secondary phone, I opt for OnePlus 7 solely for banking related apps. Has a separate number with Truecaller installed to monitor which calls coming in. U may set the app to block all calls not in the contact list for extreme security.

As for the monthly cost, it is RM 38 (U Mobile) for primary phone and RM 28 (DiGi) for secondary.

Simple security tips.

** Updated 27/09 to support SecureTAC only **

Problem is there are still some banks that use TAC and some mixed. I am not sure which is which, some bank still use TAC when you change your settings like transactions limit etc.