What if you received the TAC in a separate phone,  but revealed it to the scammer?

Never reveal your OTP/TAC to any third party even if the party requesting for such information claims to be from a financial institution, Bank Negara Malaysia or other government agencies.
https://www.rhbgroup.com/others/fraud-aware...ment%20agencies.

nothing to do with malicious apk files and all these bull la at this point in time. There are already statements made by those impacted that they did not install or have clicked on any linked in emails etc.

Banks have to investigate if police says this is not in their purview to investigate. If not it's up to BNM to find out what is the issue.

For now.. you do what you need to safeguard your hard earned money. If banks does not strike confidence from their investors is their problem that people would not put more cash in banks moving forward.

Steps I've taken to protect myself.
- Only have less than 5k at one time in bank.
- Keep more in EPF which requires more manual intervention.
- Limit bank footprint. Have only 1-2 banks.
- If possible have overseas bank if you're able.
- Keep some in cryptos. You are your own bank.
- Keep in physical assets. gold/silver.

Other possiblities:
- Joint account which requires 2 person to remove cash.
- Put money in investment platforms that uses more secure 2FA authentication like 30secs codes i.e google authentication type of platform.
- Secure your email with Yubikey as recovery and Remove your phone number from Gmail recovery procedure.

🤔🤔Then it is the problem of the "smartphone"  as it allowed downloads of apps that may hv hacking virus...
Not so much of the dumb phone problem...  Thus have the extra dump phone just to receives TAC (as you suggested earlier) may not helps much.

1. Use Truecaller to identify and filter out known scammers.

2. On primary phone, u can install the usual social media and messaging apps but no banking related apps.

3. On secondary phone, use a different number solely for data but block all incoming and outgoing calls. U then install all banking related apps like normal. Link TAC number with dumb phone below. No social media or messaging apps here.

3. On spare dumb phone, use a new number solely for receiving TAC and block in incoming and outgoing calls.

For my case, I'm using the A72 as primary phone with everything loaded. For secondary phone, I opt for OnePlus 7 solely for banking related apps. Has a separate number and cannot receive or make calls. All blocked on the phone itself. And finally, an old Nokia 106 solely for receiving TAC and cannot make or receive calls too. Plus, it is small enough to be in the pocket most of the time. Only need recharging every 2 weeks.

As for the monthly cost, it is RM 38 (U Mobile) for primary phone, RM 28 (DiGi) for secondary and finally RM 3 (Yoodo) for SMS.

Simple security tips.

Let me guess, it's from the 63001 number? 

That's the number I just got it from. Might be legit since the url is the same as what cimb uses but I still wouldn't click on it. It might just be a mistake since our local retards banks tend to make a bunch of stupid mistakes like that. Hong Leong did a system wide nonsensical test message the other day via their app and then said sorry later.

seem like great idea but why separating tac phone and bank apps ya?
sad that we need to take all these security precautions on our own hand

1. Use Truecaller to identify and filter out known scammers. Install on both phones if possible.

2. On primary phone, u can install the usual social media and messaging apps but no banking related or wallet apps.

3. On secondary phone, use a different number solely for data but block all incoming and outgoing calls. U then install all banking related apps like normal. Activate SecureTAC on the bank apps and tie to the secondary phone number only. A dumb phone no longer useful due to the lack of TAC. No social media or messaging apps.

4. Be sure to fill in your contact numbers properly. For the bank to contact u, use the primary number and for SecureTAC, use the secondary number. Some banks may require u to enter the secondary number from the ATM or online.

For my case, I'm using the A72 as primary phone with everything loaded. For secondary phone, I opt for OnePlus 7 solely for banking related apps. Has a separate number with Truecaller installed to monitor which calls coming in. U may set the app to block all calls not in the contact list for extreme security.

As for the monthly cost, it is RM 38 (U Mobile) for primary phone and RM 28 (DiGi) for secondary.

Simple security tips.

** Updated 27/09 to support SecureTAC only **

Starting next month, no more TAC according to BNM.

starting next month?

didnt see BNM set a deadline though. they just put some guidelines and recommendations.

Actually whenever there is any security update / patch, i will always run and install it. Where some old ppl say do not upgrade it as it slow down your phone. Im like ... ??? What? ~

Reason ambank set not gonna support those device below android 10 below, i guess its because, Android 10 and above has more security restriction.

Yeah, where can change so fast. This is Malaysia. They will drag another 6 mths or more if no deadline. Malaysia boleh.