Sorry to the TS but personally I still think that PB system is a little safer than M2U.

By the way, beware of phishing sites guys!

Any news about e-banking fraud before?
So far, I heard about PBB's a lot.
I would like to hear opinions from everyone.

I have been using PBB Internet banking for years. So far, haven't encounter fraud or hacking problems. I'm so curious to know the hacker did that too!

JustAsking, nice advice there, you seem like pro only

felicious, did you do any transactions on the same day your money were transfered?

"Based on my experience, bank's system cannot be hacked by mere hackers. There are too much safeguards to that. The faults mostly lies with the user's end."

Just these few days, there's a report on a hacker giving away FREE personal info including legitimate passwords to demo to a journalist how easy it is to get such info. The ppl affected were shocked. Mostly such info traded.

"And if the a/c has been accessed by a legitimate password, you are deemed to have authorised the transactions."

This is ABSOLUTELY UNTRUE!!!

Felicious, i somehow feel you are taking this too casually, maybe you are just joking and it's not a real situation. If it's real, please request the mods to transfer this to the "finance etc " board. They will know which board it is.

TS. Since you lost your IC, the fraudster probably go to one of the branch with your IC and claims forget your PBB ebanking username, password and TAC number. Just fill up the form with IC and the bank will issue a new one.

Maybe you may demand the bank to find out which branch and when your TAC is being changed. They will have CCTV in the premises for identification.

Nope. It had been some time that I didn't log in to PBE.

If this is true, why there are cases of unauthorized withdrawal via e-banking? And how my money can be transferred to an unknown person? I trust e-banking, and this is what I got. And please, if you think I am joking, why the heck I posted this? I ain't joking ok? Money is important for me. I earn money on my own and pay for my college fees. This money is the money from PTPTN loan that I applied. I don't joke with this kind of matter.

Please look at where are you now. I already asked a moderator to help me move to Finance thread.

If I am not mistaken, they cannot claim my PBB ebanking username and password. Same goes to TAC. They can only claim an ATM card. If so, they would cancel my current ATM card, right?

As I said before, I reported to bank and leave them to do the investigation. I was hoping some good news from them, but end up this is the news I got. After I've seen the letter, I ll proceed to Bank Negara as well as MCMC.
How I wish my case can be published in newspaper, so that nobody will trust PBE anymore.

AFAIK there's 3 failsafe,
1st, login password,
2nd, daily transfer limit (default is RM100 per day only, and cannot increase online)
3rd, TAC to mobile phone

So assuming the password and registered mobile number are still the same meaning account isn't changed/reset... the daily transfer limit has to be 2k+ to allow the transfer.
Did TS use the account for business transaction purposes? Why leave such account setting (with 2k daily transfer limit) without using it for some time? And why TS doesn't use your own mobile number?

I don't know your details situation.

I think you source of problem is here.

Banks don't scan your IC, they merely take photocopy of your IC in the verification process.

E-banking here need TAC to complete the transaction, without it, E-transfer won't be done.

Most problem facing by e-banking, is phishing site that taking in people user name and password.

the most important question is....how did they got the TAC........

I do online transaction for college fees. And I never increase the transfer limit. When I used it, I can transfer around RM2K.
What do you mean by I don't use my own mobile number?

Yea, I asked Public Bank, and they say they are on investigation and they also don't know.

Public bank default daily transfer limit is RM 5K, not RM 100 so few lah, how to do ebanking with just RM 100, sure get complain kaw kaw.

what he mean is that why not use your own phone number for TAC verification....why other people?

will PB TAC expire?

Will expire upon log off. Valid for that login session if requested.

PB TAC has serial number too.

is there any idle timeout for auto disconnection?

Not sure about that. Sorry couldn't answer that.

I think the hacker got some way to spoof the phone number to receive the TAC message. Heard before ppl can monitor all your call & sms by just knowing your phone number, we don't know how is the security of telco, so it may be possible.

hey TS, you said the money was taken out 25th august? did u log into your ebanking account on that date as well? i ask because your TAC doesn't expire immediately.



i saw the phishing site for m2u before. the actual address is maybank2u.com.my, but the phishing site one was maybank2u-e.com.my so alot of ppl couldn't tell it was a fake. the website layout is EXACTLY THE SAME as the actual m2u web site, so victims will just key in their username and password.

the best part is once u hit ENTER, your username and password is sent to the hacker, whereas the page reloads to the actual m2u website. this makes the victim think that maybe he/she entered something wrong, and will just continue re-login again into their account from the actual m2u site.

there is only 2 possibility......1 is being hack/keylog by "friend" or family....2 is that the banking system is being breached.........

the chances of 2 is quite low.....those who able to break in bank system would not only steal 2.8k =/ and not 1 person only

My guess would be the 'hacker' would have already got your phone number (SIM card), so probably he will receive TAC as she did?

This post has been edited by keith_hjinhoh: Oct 10 2008, 10:57 PM