One of Malaysia’s largest banks recently issued a scam alert warning to its customers about a new fake website created by fraudsters to steal customer’s banking details, which include username and password.
Links to these copy-cat sites are normally sent through SMS, email, or social messaging platforms with an urgent note requesting the recipient or customer to log in or update their bank account details.
Such modus is not new as Kaspersky researchers have been highlighting different scams and phishing tricks deployed last year to steal money, most are related with the pandemic.
It is a trend worth noting as this situation is stretching across the world as well as in Malaysia. Businesses and individuals should be critical of messages and emails related to topics such as vaccines and monetary aids.
In terms of mobile banking, it is another aftermath of the pandemic situation. We are using our phones more and more either for banking or e-payments.
And with 103,573 mobile malware attempts we detected and blocked in Malaysia last year, it is clear that cybercriminals know where the money is.
To help Malaysians avoid falling as prey, here are a few simple but necessary reminders:
- Check the website’s domain name thoroughly– particularly if redirected to the website from another page of email. Scammers may sometimes change a letter with a same-looking symbol or adding a word which may sound legitimate
- Avoid clicking any links – key in the URL manually whenever accessing your online accounts
- Look out for additional information about the domain – if you are unsure, you can refer to Whois Lookup domain checker, which gives information about who a domain name is registered to
- https:// instead of http:// – ‘s’ stands for secure, and ensure to check for the display padlock icon in the URL address bar
- Indication of trustworthiness – red flags include poorly written website copies, with numerous spelling or grammatical mistakes
- Beware of any requests for your details or money – avoid sending money or providing credit card details, online account details, or copies of personal documents to anyone you do not know or trust
- Avoid clicking on links or opening attachments in suspicious emails or texts – never respond to unsolicited messages and calls asking for personal or financial details
- Review your privacy and security settings on social media – be careful with who you connect with and learn to use your privacy and security settings
- Resist the pressure to act immediately – legitimate businesses will give you time to make decisions
- If it seems too good to be true – then it probably is
- Eliminate vulnerabilities — in your operating system and applications. Always ensure that the operating system — and all applications — on your computer and other devices have the latest updates installed.
- Protect against malware and Internet security risks – A rigorous anti-malware solution can protect you against computer viruses, worms, Trojan viruses, and more. Some anti-malware products also include special technologies that provide additional layers of security when you’re using online shopping and banking websites.
Written by: by Chris Connell, Managing Director for Asia Pacific at Kaspersky