fbpx
Connect with us

Social Stories

BEWARE: M’sian Shares How a ‘Maid Service’ Nearly Stole RM4,860 from His Bank Account

Published

ft scam
Source: Smith Ang | Facebook & The Portugal News

Follow us on Facebook, Youtube, Twitter, and Instagram for the latest stories and updates daily.

The Covid-19 pandemic has unfortunately brought about a rise in online-based scams. Notable examples include the online ‘Tengku royalty’ scam and scams involving those in search of jobs.

Recently, Smith Ang, a Malaysian took to his Facebook to inform the public of a new and innovative ‘phishing’ technique. ‘Phishing’ is a scam used to steal user data including login credentials and bank account numbers and occurs when a scammer pretends to be a trusted entity to dupe a victim into doing so.

“This is the Most Sophisticated Phishing I’ve seen so far. And it happened to me minutes ago,” said Ang.
Screenshot 148
In his post, Ang detailed his recent activities and how he almost became a victim of the scam.
Scamming through good promos of cleaning services

He wrote, “I’ve been searching for cleaners, and Facebook prompted one of the ads that caught my attention. Promotion! Who doesn’t like a good 50% promo.”

scam1

Part two: “The Hook – The power of ‘Call To Action’
After getting your attention, Ang explained how the ad brought him directly to the “vendor’s” WhatsApp.

“As you can see in the WhatsApp chat, I was asked to download an app, an APK file to be exact. Rarely do vendors ask their customers to download APK files directly.”

“Most will give you a link to the official app store. Don’t trust anyone who sends you an APK file. That doesn’t mean the official app store is safe either,” he added.

scam2

Part 3: “The Trojan”
After having installed the app, it would request permission to read his SMS. This is scary!
“Huh? Why do you need that for a maid booking app? If an app requests permission for something more than it should, then it shouldn’t,” he said.
scam3

 

Part 4: Intel Gathering

He added, “The app is well-built, even had its PDPA disclosure done correctly. The registration info required is name, email, password and mobile number. Upon finding the date and package I wanted, I had to key in my address.”

scam4

scam5

 

Part 5: The Bank

The next part involved the supposed payment process. Instead of it being the real bank, it’s actually a FAKE bank login.

“Conveniently, the credit card payment is greyed out (under maintenance) and the only option available is FPX. There are a few banks to prey on: Maybank, Affin, Public, CIMB, BSN and RHB.”

“After selecting the desired bank, a very familiar bank interface appears in front of you. If you see the Maybank UI, there is a note: ‘Note: you are in a secured site’ that replaces the usual catchphrase.”

“So when filling up the bank login details, no matter what you put in, it will always show ‘Invalid User ID or Password [Err Code: FE0067]’, now, this gibberish error code is the same for all the banks you select. Don’t tell me all the banks are using the same system developer?”

scam6

scam7

 

“I had a bad feeling, but I brushed it off as I was too tired,” said Ang.

 

Almost losing RM4,860

The very next day, Ang detailed how he had received a text message which said “RM0 PBe DO NOT share this code. DuitNow Transfer RM4,860.00 to NOORALIF SAFWA.”

“I immediately logged into my bank account, and I received the ‘Duplicate Login’ and that’s when I suspected it. Without hesitation, I sprung into quick finger mode. I was fighting for access with the intruder for the login rights.”

“Whenever I tried to change my password, it (my account) will be logged out. Years of playing speed typing games during my younger days boosted my typing speed. I won the login match and changed the password,” he said.

He then noted all the possible data of himself that the scammer would’ve gotten if it was successful.

This includes:

  • Name
  • Phone Number
  • Email Address
  • Mobile Phone
  • Address
  • Bank User ID
  • Bank Password

“This is a very sophisticated operation. Why? It preys on our weakness (got promotion ah?) and the fact that the entire scam ecosystem is well planned. From the curation of the marketing and advertisement to the almost flawless app,” he said.

“For those who are unaware, when you allow the app permission to read your SMS, this will include the incoming PAC/OTP code that your bank sends (SMS) to you for dual-factor authentication,” Ang added as a closing note.

So always beware of the possibility of falling victim to such scams. Always remember, if it feels suspicious, it probably is.

 

Have you ever fallen victim to an elaborate scam? Let us know in the comments.

 

Also read: Beware! New Scam Lures Victims With Promise Of Full-Time & Part-Time Jobs

Frustrated Man Looking At Laptop And Phone Using Whatsapp

Follow us on Facebook, Youtube, Twitter, and Instagram for the latest stories and updates daily.



Just In

copft copft
News1 hour ago

PDRM Investigates Receipts From Fast Food Eatery in Johor Allegedly Containing Insults Towards Islam

Recently, a report by news portal BuletinTV3 showed an image of fast-food purchase receipts allegedly containing words insulting Islam. Following...

wagyuft wagyuft
News1 hour ago

Johor Authorities Foil Attempt to Smuggle RM18K Worth of Japanese Wagyu Beef From Singapore

The Johor Malaysian Quarantine and Inspection Services Department (Maqis) recently managed to foil an attempt to smuggle RM18,832 worth of premium...

collage 105 collage 105
News5 hours ago

M’sian Comedian Charged with Drug Possession, Asks Court for Bail as His Kid is Going to School Soon

Malaysian comedian and actor Along Cham was arrested by PDRM last week for possession of over 60 grams of cannabis,...

feat image solemnisation feat image solemnisation
News10 hours ago

1 Day Before Her Wedding, a M’sian Nursery Teacher Pleads Guilty to Physically Abusing 11-Month-Old Boy

On the day of her solemnisation, a 24-year-old nursery teacher pleaded guilty at the Klang Sessions Court to physically abusing...

feat image india feat image india
News10 hours ago

Visa Exemption for Indian Nationals Extended Till 2026 as Over 1 Million from The Country Visited Malaysia in 2024

Malaysia has become one of the top spots for Indian nationals to visit this year, as can be seen by...

feat image bazaar feat image bazaar
News11 hours ago

Sepang International Circuit Announced as The Latest Location for Bazaar Ramadan Next Year

The Sepang International Circuit (SIC) will see another type of race next year, which has nothing to do with automotive,...

feat image ismail feat image ismail
News14 hours ago

Ismail Sabri Wants Southeast Asian Leaders to Speak in Bahasa Melayu at ASEAN Summit in Malaysia Next Year

Former Prime Minister Datuk Seri Ismail Sabri Yaakob has urged his successor, current Prime Minister Datuk Seri Anwar Ibrahim, to...

cat3 cat3
News20 hours ago

Wan Azizah: Immediate Action Needed to Identify Cause of Gruesome Cat Deaths at UM

Recently, 3 dead cats were found at a local university in a mutilated state, with their stomachs cut open and...

Announcement

Latest Videos



TRENDING TODAY