Never save cc details in any online platforms? Did you?
Jgn malas, key in new as and when in use.

previously kena suddently got call from SC said ada purchase onlyfan ke amount 400+ usd..gile betul lucky SC call dlu b4 release

This one satisfied already, then tell bank is unauthorised.

my phone felt a bit buggy for couple of days. and microsoft defended told me got some shit virus detected and removed. after that, I got scared and went to sign up malwarebyte for 2 years... and than the next day kena microsoft charge usd9... trus... call Maybank to repot fraud.


I am suspecting some of those file shared by those massive whatsapp group is very questionable. even though I never open those shared "apk" or other application for sideloading to the car's infotainment system.

Other than that is some pdf or other documents constantly being shared. While I strictly warn my Boss, pls do not ask your other Boss to send me questionable NSFW type material to my phone, since I use it for work, banking and personal... so sus....

my wife uob CC just got hacked, 9 transactions, online book and gaming purchase all in usd .Luckily not much . it was like 0.99, 1.00, 19.99 usds.
happened early morning like 4.30am to 5.30am. direct call bank to block the card.

i no longer using credit card only debit card

and nowadays, those digital bank got saving pot , so if got extra money, put in saving pot and earn interest daily and dont have to worry about unauthorise card transaction

mine also kena for replacement card harimau amex

macam insider job... why replacement only kena?

Ya, using android, older version Note 8. Need to throw already, buttons keep coming out and no longer have any software update. My previous phone (before kong) acting weird like kena hack (a lot of spam calls and OTP messages saying that i subscribed for ....).

I think android phone r really prone to malware.


me poorfag, milo tin available.

Never download .apk files, mainly on Pdf.



Hong Leong's AI is a bit retarded.

Anyway, so far not encountered any problems, I transferred RM 50k for bill payment using credit card via jompay, system just jalan like usual but UOB immediately block, have to get pre-authorization each time.

I downloaded Malware detection apps also, after screen, found nothing. Delete and then install another app to scan but still nothing.

Hardly download any files from whatapp unless i trust the person.

Anyway, transaction done on phone X with my credit card, how did he know to get the OTP from phone Y? Unless, manage to hack both phones?!?

1st replacement - the CVC and expiry date not visible anymore. The bank says, "Okay, replace with same 16 digit credit card number but different CVC and expiry date only."

The only different shopping pattern is that we started to buy stuff from Shoppee in conjuction with PayDay Sale.

I don't think is an inside job by the bank side but more only third party platform or my phone compromised.

may be worth it to do a full factory reset. on both devices.

back up everything, deregister your device from all banking apps.

then do a reset.

what malware detection app are you using?

android more prone to malware because of sideloading, a double edged sword.

need to be vigilant especially this day and age, phishing becoming more and more advanced.

Malware detection app - Avast and spyware detector.

Banking app all in phone Z, not an issue. The only issue is that the contact number with bank is registered to my phone Y.

Even split 3 phones still get unauthorised transactions.

Good to know that virtual card can be configured with additional features, this way will be safer.

With Samsung Pay / Google Pay, majority of phones are supported.

Thanks for sharing.

No need to use a virtual CC with Google/Samsung/apple pay. They will use a generated virtual CC on the fly. If buy stuff online and they support Google pay, I will choose this option since they won't know my main card number.

>recently kena for OCBC
topkek
Nearlee

how PRO trace transaction.

1. identify the Payment Processor.

2. on bill, read who "Request the Transaction", in your case PayPal.

3. You mention you dont have paypal account. Nothing wrong, i dont have a Maybank account, can a Maybank terminal process my hongleong card? Yes.

4. Block the CARD = this CARD is SAFE. IF you dont find the root cause, this will still haunted you in near future.

5. Go to paypal, raise a ticket, inform un-auth transaction with XXXX card. request investigation.

6. Paypal will told you, "Who, sent your card info, to request the payment"

7. from there you can block the Source, and maybe with enough complain, this "scammer" may be terminated from Paypal.




For me, blocking is not TOP priority. Finding ROOT Cause = TOP MOST important.
this is how you can Completely solve the problem.

WHO, WHEN, HOW, they get your CARD info to request payment.

DOnt blame BANK...
you pass your card to your wife to shop online oversea.... in somecase, small amount, can just auth success with correct card credential.

I got 2 CCs, 1 i got save in TnG, Shopee, TIME, Maxis, Digi, etc.

Another one is in my wallet only as a backup.

The backup wan kena

Its likely your X Phone

Y Phone only receive OTP, so no info to get there to compromise.

OTP is also not a surefire way to validate transactions. Whether 2FA is shown or not, is actually a flag on payment networks, not all payment endpoints need it.


Android gives you that level of granular control of what apps can access.

However, the best bet is still your own discipline and awareness. Sometimes its not even your fault. My card got terminated once without me knowing. The bank called me in the morning to let me know because their fraud detection found it was part of a leak, so they pre-emptively terminated it and re-issue.

If your bank is good, by default it will block on suspicious activity, then you call them to unblock after you verify that the transaction was valid. I used to kena a lot for FB ads charges last time.

However if your card is compromised already, its SOP from the bank to terminate it la. A lot of times, scammers already tokenize the card. Even if you resolve the leak on your end, the card can still be charged. Safest bet is to just get a new card number, which is normally done within a week.

Never thought can do this, thanks for this. I will try this out with paypal.

Adui.. I can only deduce, must be the one se-pillow hack your wallet in your sleep 😳😳😳














Pulling your legs je 🙏🏻

This post has been edited by jojolicia: Sep 3 2025, 04:18 PM

I've experienced similar situation like you.

I just received the renewal card of my Ambank debit card. Just activated for 1 day. And next day my card get unauthorised transaction.

I've been using this card since 2019 and never get any unauthorised transaction. So weird.