Having his Maybank2u Account hacked two days after he received his salary and loosing RM11,000 from both his current and savings accounts, it’s safe to say that Facebook user Eric Chua didn’t have the greatest of times.
However, that didn’t stop him from posting his story, calling out on Maybank, DiGi and the police for their ‘help’, and finally imparting tips he picked up on how to avoid such disasters.
In his post which has gained over 2.8k shares, he recalls how he went to work the following day after his account was emptied, completely oblivious that he was a victim of an online bank robbery.
“While I was driving to work, I noticed my phone had ‘No Service’.”
Later upon reaching his office, he tries “to access my email but failed because password had been changed. Checked my online banking and realised it had been emptied. Luckily my credit cards weren’t affected.”
He tells how he tried to remain calm, and first dialed up Maybank to freeze his online banking and credit cards. Later, he calls Digi “to find out what happened and realised my sim-card was cloned the night before.”
“So I asked Digi to suspend the new sim-card. Made a police report. Last, gave a copy of my police report to Maybank and Digi for them to open investigations into the incident.”
Sadly, Eric has not received any progress from the police, and feels they don’t have the “right resources to handle such organised/cyber crime.”
Since, he has gleaned over and has made an attempt to guess the modus operandi of the hackers.
“My best guess at the sequence of events:
– Hackers broke into my secondary email and used it to change password and access my primary email
– Unidentified person impersonates me and goes to a Digi dealer at 9pm (just before it closes) to request for a Sim-card replacement for my phone number.
– They had access to my Maybank2u account and by 10pm, purchase four Samsung handphones and some accessories from Mobile 88 (an online shopping site). Payment is made using Maybank2u. TAC is sent to the new sim-card which they have just obtained.”
His post imparts some hard-learned lessons of wisdom.
“Reflection/Lessons for all:
1. This might seem obvious, but keep different login names and passwords for accounts and change them regularly.
2. Be alert to phishing scams. This is a tough one and it happens to the best of us.
3. Be alert and respond quickly when you see red-flags such as notification of change in password or unusual usage patterns in your email account or ‘No Service’ in your sim-card. Someone could be trying to hack into your account and in my case, it was the first sign that someone had replaced my simcard.
4. Financial planners aren’t going to teach this but keep some of your cash reserves in a separate bank account, preferably non-online or FD. I managed to pull through the past month because some of my savings were in another account.”
Upon his post gaining viral traction, Eric updated how he had been contacted by a few other victims who had the same tragic experience as Eric himself, perhaps hinting to us that there’s a new modus operandi that hackers are now using!
“I’ve been contacted by a few other victims who have fallen into a similar predicament but did not know how to proceed beyond approaching their banks/telco.
For that, I’ve been advised to go to BNM and MCMC. Search for Financial Mediation Bureau and MCMC Complaints Handling Resolution Guidelines.”
So, read up guys, and school yourself on the lesson Eric has taught us all so we don’t have to go through something as painful as that. I mean can you imagine losing RM11,000 to say the least??
And to Eric – well done bro, you are an outstanding Malaysian citizen for keeping us alert. Bless up.
