Bank scams targeting mobile users are on the rise as customers turn to banking on their smartphones during the pandemic, warns a cybersecurity firm.
Kaspersky Asia Pacific managing director Chris Connell said a common phishing scam involved victims receiving an SMS or email with an urgent note telling the recipient to log in and update their bank account details.
However, the link provided instead directs the victim to a fake website created by fraudsters to steal the their banking details, like their username and password.
He referred to the recent scam alert warning by Maybank, though other local banks have since issued similar warnings.
“With 103,573 mobile malware attempts we detected and blocked in Malaysia last year, it is clear that cybercriminals know where the money is,” he said in a press release.
Kaspersky researchers found that the pandemic had led to an explosion in online scams, often involving messages or emails related to topics like vaccines and monetary aids.
Connell reminded the public of a few good cybersecurity practices to stay safe, including checking a website’s domain name thoroughly, especially when being redirected there from an email or SMS. Scammers often use a near identical name for their fake websites, sometimes by changing a letter or symbol.
“Red flags of a fake site include poorly written text, with numerous spelling or grammatical mistakes,” he added.
Alternatively, he recommended Internet users to manually key in the URL instead of clicking on a link, or to use a domain checker, which can reveal who owns the domain.
Perhaps most importantly, Connell strongly urged the public to avoid clicking on links or opening attachments in suspicious emails or texts altogether. This extends to ignoring unsolicited messages and calls asking for personal or financial details.
“Beware of any requests for your details or money. Avoid sending money or providing credit card details, online account details, or copies of personal documents to anyone you do not know or trust,” he said, adding that one should also always be wary of offers that sound too good to be true.
Additionally, as these phishing emails are often written to sound urgent, Connell recommends that users resist the pressure to act immediately, as legitimate businesses will give customers time to make decisions.