Alert – Scams are on the Rise

Watch out for slick imposters and fraudsters preying on victims in a mind-boggling range of products and financial scams reported in recent times.

Criminals have become more sophisticated in their ways to steal your money and data.

Despite extensive media coverage, many people still fall victim to fraudsters and scammers. Criminals are more sophisticated in their tactics with the hopes of getting victims to let their guard down and steal their personal, banking and other valuable data with fake emails, websites, social media, phone calls and text messages. Authorities warn that slick imposters will continue to develop new frauds and scams, more so in times of uncertainties like the ongoing Covid-19 pandemic. Amazing Seniors explores some of the different scams and their techniques. ACCOUNT TAKEOVER Account takeover fraud occurs when a cybercriminal gains access to a victim’s login credentials to steal funds or information. For example, fraudsters digitally break into a bank account to take control of it and have various techniques at their disposal to achieve this, such as phishing and installing malware. To avoid falling victim to such a crime, you can create strong, unique and complicated passwords and enable two- or multi-factor authentication when available. ATM FRAUD Criminals have developed means to intercept both the data on a card’s magnetic strip as well as a user’s PIN. In turn, scammers use the information to create fake cards and withdraw funds from an unsuspecting individual’s account. Don’t share your card or PIN with anyone. If you notice anything or anyone unusual or suspicious around an ATM, don’t use it. BROWSER REDIRECTION AD SCAMS You may have noticed that the first two results of a Google search are advertisements. Scammers can create advertisements and lead you to a fake identical website. Once tricked into a fake website, you may unknowingly share your online banking or personal information with scammers. Also, look for a padlock icon next to the site name. It means the site is secured with a digital certificate. CAR AD SCAMS A syndicate would advertise the sale of imported vehicles – purportedly from Singapore, Thailand or Langkawi – with lower prices than the market value. Unsuspecting victims would transfer funds to a mule account to settle various matters, including road tax, vehicle grant and Customs duty. Therefore, be cautious when purchasing cars online and check the latest used car prices. COD SCAMS Cash-on-delivery scams work to lure customers into paying for parcels in cash that they did not buy or do not match their purchases. The scammers, primarily based overseas, can pose as legitimate online sellers on fake websites or social media. Many of these scammers send their COD parcels via forwarders, who then assign the deliveries to courier companies that have no contact with these scammers. In addition, be wary of advertisements offering products at suspiciously low prices. You can check reviews and only buy from reputable sites, and do not pay for any parcels that you’ve not purchased online.

Be alert for messages stating you’re Covid-19 “positive” through questionable contact tracing exercises.

COVID-19 VACCINE TEST KIT SCAM A recent scam via WhatsApp concerns a message stating that the receiver had been “identified” as Covid-19 positive through a questionable contact tracing exercise. The message urges the victim to self-isolate, agree to a test within 72 hours, and request the intended victim’s mailing address to send out a test kit. If a victim responds to the message, the scammers ask for their payment card number, details and a fee for the “test kit and results”. For official information on vaccines and Covid-19, visit http://covid-19.moh.gov.my/vaksin-covid-19 or https://vaksincovid.gov.my. DEBIT/CREDIT CARD FRAUD Credit card fraud is fraud committed using a payment card – a credit or debit card. The purpose may be to obtain goods or services or make payment to another account controlled by a criminal. Do not respond to messages or calls from an unknown person asking for your credit/debit card details. When in doubt, please contact your bank immediately. IMPERSONATION SCAMS There are many different impersonation scams, but they all work the same way: a scammer pretends to be someone to convince you to send them money. Such scams usually target vulnerable seniors to persuade them to forward the funds to an account controlled by the fraudster. In addition, the fraudster may make false criminal accusations implicating the victim and coerce them to transfer funds to prove their innocence. Also known as caller ID spoofing, victims are usually frightened into believing that they face imprisonment if they do not follow the instructions. Therefore, constant vigilance is vital, and verification should always be your first step. INVESTMENT SCAMS Bursa Malaysia warns investors to be on high alert against investment fraud. The exchange operator has observed an increase in scams involving its name and corporate logo in dubious schemes. Scammers often use unlicensed or unregistered companies, websites and promotional material that mimic legitimate financial institutions to deceive the public. Do not provide personal information or data to strangers, reply to suspicious emails or text messages, contact senders, or open suspicious website links or attachments. Before deciding to invest, check information from established sources such as Semak Mule (by the Royal Malaysian Police), Bank Negara Malaysia’s Alert List, the Securities Commission’s Investor Alert List, Bursa Malaysia’s useful links through ‘Be an alert investor’, and the Domestic Trade and Consumer Affairs Ministry (KPDNHEP). KEYSTROKE LOGGING Keystroke logging or capturing is recording the keys struck on a keyboard. Consequently, a person using the keyboard is unaware of the monitoring. The person operating the logging programme retrieves the data by using software or hardware. Consumers are advised not to open attachments or download files from unknown sources because they could hold malicious software containing a keylogger. LOGIN SPOOFING Login spoofing is another way of obtaining a user’s username and password. For example, the user is presented with a bank’s login page to prompt the username and password before passing it to the attacker. Again, you can switch on your spam filter, scrutinise the communication, and install malware removal or antivirus software to protect against any cyber threats or viruses. MALWARE Malware covers a range of malicious and harmful software installed on your computer through viruses, worms, spyware, adware or trojan horses. Malware influences the normal device processes and steals information. Scammers use malware to steal money from your account and to commit identity theft. Keep your computer and software updated and use antivirus software. MULE SCAM If you respond to spam emails or suspiciously high-paying job offers, you could be a victim of a mule scam as a “money transfer agent” or “money mule”, where a mule’s bank account receives stolen money from phishing victims. The bank account acts as a transit before the funds are sent abroad and later withdrawn by the fraudsters. Avoid communication with any suspected criminals and do not transfer money or any other items of value.

Install a phishing filter on your email application and web browser to avoid fake email scams.

PHISHING/FAKE EMAIL SCAMS Phishing deceives one to give away sensitive information. The initial phishing email entices the recipient to click on the provided link. The methods fraudsters use to do this include enticing subject lines, forging the sender’s address, using genuine-looking images and text and disguising the links within the email. Install a phishing filter on your email application and web browser. SAFE ACCOUNT SCAMS A safe account scam involves a scammer convincing you to transfer all of your money to a “safe account” from your “compromised” bank account. They may call you randomly or target you with a much smaller scam to appear more convincing and get your bank details. Immediately check with your bank to verify the occurrence. If you have fallen victim to such a scam, report it to the authorities and your bank. SMS SCAMS Such scams usually occur when you receive an SMS requesting you to confirm a recent credit card transaction. So, naturally, you will call the fake number in the SMS to ask about the deal. Fraudsters often use subtle methods to ask for the victim’s personal/banking information and transfer funds illegally with sufficient information. Therefore, do not respond to any suspicious prompt and avoid using links or contact info in any suspicious messages. TAC SCAMS Scammers would call victims to say that they registered the wrong mobile number. As a result, their TAC (Transaction Authorisation Code), also known as OTP (One Time Password), was accidentally sent to the victim instead. Know that your bank will not send an OTP to a different number but the number registered to your card.