I haven't done anything because I don't have the latest documents.
I just called Public Bank, the person in charge of this matter. He said that this transaction is done using valid ID and password. Also, TAC number is applied to my registered phone number to be used for the transaction. Thus, Public Bank said that they could not refund the money, as it has nothing to do with their PBe security.

hMm...issit an PBB insider job?? Hmmm.....then they will have all pwd, username and tac also rite? ahha.....
weird lor....the least digi shd tell u where did they deliver the TAC to ma. It didnt appear in your HP rite? Then it must have went sumwer...else like i asid, didnt go anywer at all. Insider job :/

Or did u check wif any of your family members if they took out money from your acc? Coz last time when i was working in a bank, the mother reported that her credit card got fraud. Later after all investigations, we found out rupanya the daughter "stole" her card and used a great deal out of it :/

This post has been edited by mIssfROGY: Oct 17 2008, 09:41 PM

Ermm, sorry to hear about... I thought normally this will only happy to Mxx Bank.

Then ask them to freeze the other person account, ask him for testimony. I believe with police report, you can request for relevant documents and information about the other person account, ask police to summon him out.

er password should be encrypted already de .. no one should have even ur password .. not even the admin of the server le ..

TS is not the only victim. I know a guy who lost rm1k over the last weekend. PBB account as well.

Maybe TS might want to pay Michael Chong (MCA) a visit.

On intercepting SMS, it is not so easy especially if TS's phone is always on. If really the TAC was requested may I suggest TS to check the phone number configured or request a TAC now and see whether she receives it.

The TAC generation I believe is via

[Bank database] -> [TAC Server] -> [Telco] -> [User Phone]

Thus possible points of failure are

1) Bank Database -> phone number for TAC changed
-> Another option that can be considered is maybe PBB system has a bug and the transaction has erronously been credited from her account. Ie. Login, Password, TAC all correct, only account number wrong.

2) TAC server -> Make to generate TAC to a different number (dummy message sent to server etc.)

3) Telco -> Tapping into physical systems

4) Phone -> lost

Have you checked that the registered phone number on file is still your actual number? The TAC part is the most puzzling to me because it's effectively a one-use temporary password, so it should be impossible to steal. If PB's security protocols are working, then it should be impossible for even any of its staff to do this because they won't have access to plaintext versions of any customers' passwords. The likeliest explanation is still the simplest, in my opinion. Someone close to you got a hold of your phone during the time the transaction happened and transferred the money. Your problem is that there was such a huge gap in time between when you discovered the theft and when the transaction actually happened. If possible, try to remember what you did during the day of the transaction and whether or not you left your phone with someone.

HAhahha....it depends looo on how the programmer writes the program

My username n password is used to log in to my PBe. TAC is applied to my phone number.
Nobody in my family can access to my PBe. Impossible my family members took out the money. If so, they will let me know before I make the report.

I asked for the 3rd party account details, but they refuse to give me. I thought I am the victim and I am suppose to know the details? Public Bank can't give me any answer. And the money was actually taken out already. PBB said then it is the police's job.

How's your friend's case? Can I have your friend's phone number? I wanna know more details about his case.

My phone is always on. The transaction was done on 12.16pm. At that time, I was at home preparing to go college, as my class started at 12.30pm. Or, I might be already at college for class. My handphone 95% is always by my side.

Yes, the bank told me it is my number.

Banks can't reveal third party details to you, it is a standard protocol. They only can give if requested by police investigation purpose, but they still won't give the details to you.
Even you have the third party details, it doesn't help you case to claim the transaction is not done by you. As banks said it is done with your password and TAC.

In order to prove the transaction never being done by you, is investigation through how the transaction is carried out, ie. to prove you didn't receive the TAC and how your password being compromised.

There must be something wrong in between, it could be a simple reason, most of the time.

This post has been edited by cherroy: Oct 18 2008, 10:49 AM

After you log out from PB, did u perform clear cache and clear temp internet files ?

Girls, any updates on police investigations? Perhaps you could press them to work harder.

This case is actually quite simple.

1] Go to bank, ask for the other account holder name & address

2] Detained the person with warrant, investigate on his account, transactions.

3] Cross-reference with felicious report.

That would do the job, aren't they?

This post has been edited by keith_hjinhoh: Oct 18 2008, 01:39 PM

The third part is not robbing or stealing from TS account. So police can't do it. It is just a E-transfer.
TS must prove it is a fraud case which until now TS has no strong position except no TAC being received. TS needs to prove those transaction is carried withouts TAC or TAC never obtained.
That's why we need to investigate how this fraud case being carried out also.

You must think from the other side, from police (enforcer) perspective, what if TS is telling lie or TS transferred the money but claim not doing after that and claim compensation from banks or TS actually transferred but regretted and try to make amend by telling lie? or whatever other reason.
Although I knew TS is not falling into these category, but from a police (as an enforcer), you must think from neutral point. No offence to TS or anyone.
Just like someone had mentioned about credit card fraud as earlier post, it is not a fraud after all.

Unfortunately, No

TAC was applied to my registered phone number.
I need to do something to prove that this transaction is not done by me. But, how?

Are you sure that you did not received the TAC message? Try going to MCMC and ask them to check whether the TAC message sent by PB server was received successfully to the registered phone number.

Every mobile telco should keep a record of all sent and received messages. If the telco says the message was successfully sent to your mobile number, it could be that someone has cloned your sim card.

These days, sim card cloning is highly unlikely but there is always a possibility.

---

Added on October 19, 2008, 2:25 amBtw, what phone are you using? Is it a Symbian or JAD/JAR enabled phone? There's a possibility that your phone might be hijacked.

This post has been edited by ibnuasad: Oct 19 2008, 02:25 AM

Well someone could have gotten your username/password and used your phone.

Maybe can prove by the telco co that msg didnt send to your HP?
If its a police case already, i think they will help kua?

But honestly i dun understand y dun the bank check with the 3rd party acc where the funds had transferred to, Wouldnt hurt to clarify one ma rite. Last time my mom's PBB acc also got sudden funds masuk. She gotto scream her lungs out at the officer to check on the case....else they wont care. Ya...she gotto scream eventho the funds was given to her FREE (BIG AMT...hahaha...many zeros is all i can say) and ya its also PBB...too bad mom is not here anymore, else i could have asked her about it for u. Btw, this happened 20 years back.....no ebanking then. Maybe you can use the harsh way and insist that they check it out for u, your rights what since its your money they have lost. If me I will proly make a big newspaper case out of it...2k is small, but this is a big matter aint it, millions could have been transferred instead! Go MCa or something....

Can MCMC know about this? I thought only my Telco company know that whether TAC is sent to my phone number or not. Too bad, Telco company will not allow me to know it. Only police have the right to know. My friend told me that it is quite easy to clone sim card now. I am using Symbian phone.
If my phone is hijacked, my PC also hacked by someone?


Yea, I hope this will be brought to press, but I don't have any contacts in newspapers. I went to DAP and DAP advice me to write letter to PBB and Police Station. I also don't understand why bank don't want to check with 3rd party account. When I wanna go to HQ, he say that I go HQ also useless, ask me to contact him.

Oh...btw i told one of my fren about your case, he told me that after you make the police report, please report to BNM (BANK Negara) They will definately take action. So please do....go report the case to BNM. And u can also inform PBB that u r reporting to BNM, usually these banks are "scared" when matters go to BNM, they might speed up their work. Update us yar!!

I reported to Bank Negara before they make this decision.