NOWADAYS, smartphones are no longer mere communication tools but the essential pulse of a person’s daily life. Yet behind every tap and app, hidden dangers quietly grow. Malware, once thought to affect only computers, now slips in through convincing links, fake downloads and other disguised traps.
To help Malaysians stay alert, the Association of Banks in Malaysia (ABM) and the Association of Islamic Banks and Financial Institutions Malaysia (AIBIM) launched its latest scam awareness concept, ‘Percaya Dulu, Menyesal Kemudian’ under the #JanganKenaScam umbrella campaign, on March 30. The campaign highlights how easily threats infiltrate daily life through blind trust or belief – often leading to shocking consequences.
Scams today take many forms. Some come as phone calls from impostors posing as authorities, pressuring victims to make urgent payments. Others hide in downloads from unofficial sources or appear as irresistible job offers, fraudulent investment schemes and phishing links masquerading as trusted brands.
Certain scams gain your trust, like love and loan scams, while others exploit convenience, such as fake QR codes, disappearing e-commerce deals, or strangers requesting to “borrow” your bank account for quick transfers. Regardless of method, the goal is the same: to steal personal information, access your accounts and ultimately drain your hard-earned money.
The numbers are striking. In 2024 alone, police reported 35,368 scam cases, costing Malaysians RM1.6bil – making up 84.5% of all commercial crime reports.
Safeguarding hard-earned savings is no longer a passive task; it is a shared responsibility across regulators, enforcement agencies, banks and the public.
Bank Negara reports that enhanced security measures helped the banking sector prevent over RM399mil in attempted fraudulent transactions in 2024, while unauthorised transactions from malware and phishing fell by 52%, proving that awareness and strong safeguards make a real difference.
In this digital age, the rule is simple: don’t believe first and regret later – always ensure your transactions are valid and safe from malware and scams.
A bitter experience
Retiree Liz Fernandez, 67, had hoped to enjoy her golden years in peace, but that changed after a simple Facebook search for pet-grooming services.
She received a link to register for the services and pay RM10 via bank transfer.
After clicking it, she installed a malware-embedded Android Package Kit (APK) on her phone, thinking it was a real and legitimate app. Soon, her device started behaving oddly, even when she wasn’t using it.
Within a short period, scammers had wiped out RM26,000 from her savings and they attempted to transfer another RM100,000 from her fixed deposit account.
The retiree contacted her bank, requesting immediate assistance. With both her and her banks' quick actions, they prevented further losses and stopped the scammers from accessing her remaining funds.
The case also prompted the bank to alert clients about malicious APK files disguised as legitimate utility platforms.
Malware scams
Liz’s story might sound alarming, but malware scams like hers are common in Malaysia. These scams usually start with something familiar – a link, a message, or an offer that seems useful or time-sensitive. It could be a “special deal” on social media, a fake link to a wedding invite, a notification asking you to track a parcel, or a cleaning service that is only accessible via an APK file. Scammers craft these messages to look like they’re from trusted brands or even people you know.
The real danger comes next. A hidden malware file – often an APK downloaded outside an official app store – embeds malware in your device when you install the APK file. Malicious in nature, APK files are designed specifically to steal your login details, monitor your activity and even authorise transactions without your knowledge.
Keep an eye out for these early warning signals:
> Messages from unknown senders urging you to open links or download APK files;
> Prompts to install apps from outside official app stores;
> Unusual phone behaviour, like apps opening on their own, pop-ups, or rapid battery drain.
Scammers often use local language and familiar branding to make the trap feel legitimate. By understanding how these malware scams unfold – beyond just “don’t click links” – you can spot the threat before it turns into a costly loss.
Practical tips
The good news is that most malware risks can be reduced with simple, everyday habits.
First and foremost, only download apps from official app stores such as Google Play or the Apple App Store. These platforms vet applications before they appear to users, blocking many malicious ones at the door. Avoid installing files like APKs from unknown websites or links sent via chat, email, or social media.
Be cautious with unexpected links, even if they look like they come from friends or familiar services. Before you tap, double-check the sender and the URL. Legitimate companies will never prompt you to install apps from unofficial sources or request sensitive information through unsecured pages.
Keep your device’s security features enabled and updated to detect and block threats before they cause harm.
If something feels “off” – sudden pop-ups, sluggish performance, or unfamiliar icons – pause and investigate before acting. A small moment of caution can be the difference between a smooth experience and a costly malware breach.
Stay alert
While banks and authorities work behind the scenes to intercept threats, the final line of defence is you.
If you notice anything suspicious – unusual messages, unfamiliar links, or unexpected app requests – act quickly. You can reach out to the National Scam Response Centre (NSRC) at 997.
Be sure to notify your bank immediately and lodge a police report to protect your accounts and help authorities stop the scammers.
Protect your devices and savings from malware scams and fraudsters. Visit www.jangankenascam.com or follow @jangankenascamofficial on Instagram and TikTok to watch the latest drama series featuring Adam Bakery, WanChai, Shah Zakaria and more – and learn how to spot scams before it strikes.
