NEWS of a variety of scams has been circulating over the last month, involving Malaysian firms and many individuals who have lost millions to banking-related phishing scams.
A businesswomen lost RM1mil in a Macau scam after answering a call from the “Inland Revenue Board”. Another lost RM1.34mil when she shared her account details after getting a phone call claiming she was involved in fraud and illegal activities. And another senior citizen lost RM1.87mil to a parcel scam after befriending a woman, believed to be a foreigner, through social media.
Malaysia saw a drastic increase in online scams over the last two years during the Covid-19 pandemic: there were 71,833 scams reported with more than RM5.2bil in losses.
These scams take place despite the police issuing advisory warnings to the public about an increase in crimes where conmen impersonate bank staff and target victims through phone calls or SMS texts.
No country or organisation is immune to cyberattacks. Everyone is a potential victim of scams.
The cases involve online sales scams, online trading scams, African scams, Macau scams, business email compromised scams, fake loans and SMS text scams. According to the latest data from January to July 2022, there were over 12,000 cases of online fraud involving losses of RM415mil. The police detained 33,147 cybercrime suspects, and 22,196 were charged.
Scammers are trained in psychological manipulation and are quick to exploit low awareness, ignorance and vulnerabilities. They are always devising new techniques, exploiting technology and the gaps that exist in the financial system.
To tighten loopholes, Bank Negara recently introduced additional action to be taken by banks to ensure banking and payment channels are secure and equipped with up to date security controls.
Among the measures are migrating from the one-time passwords (OTP) authentication system to more secure forms; tightening fraud detection rules and alerting customers quickly to suspicious activity; restricting customers to a single mobile/device for authentication; imposing a cooling-off period for first-time online banking customers; setting up fraud report hotlines; facilitating recovery of stolen funds; and making it easy for customers to suspend compromised bank accounts.
It requires the collaborative efforts of all parties, including Bank Negara, the police, the Malaysian Communications and Multimedia Commission, financial institutions and cybersecurity experts, to identify syndicates and trace mule accounts and stop suspicious transactions.
However, all security measures would be for naught if the public keeps downloading fake apps or software filled with malware created by cybercriminals and refuse to believe they have been scammed.
Most scams happen due to a lack of consistent awareness and a lackadaisical attitude towards online banking. Banking institutions and the government must counter this by educating the public and teaching people basic rules such as the following:
> Use verified apps only.
> Browse authorised websites only.
> Use secure connections only.
> Keep your passwords secret.
> Be vigilant while using credit cards.
> Do not compromise on security software for phones/computers.
> Do not share personal information with anyone.
> Never click on suspicious links in SMS texts or emails.
Banks may have all the technologies, policies and procedures in place in compliance with international and Bank Negara standards but still scams happen.
In the end, it comes down to the public being responsible and playing a role in protecting themselves from scams.
If you receive a call or email from an unknown source, ignore it but also report it to the police by calling the Commercial Crime Investigation Department’s (CCID) Scam Response Centre at 03-2610 1559/1599 or sending a WhatsApp text to 013-211 1222. People can also check the CCID’s “Semak Mule” portal at bit.ly/ccid_scams.
DATUK SERI AKHBAR SATAR
Institute of Crime and Criminology