The ever persistent phishermen

0

THOSE of you who own email accounts would have noticed that not a week goes by without you receiving emails that either say the sender has a huge amount of money to give you or that you have to update your banking details.

Those who are tech-savvy will know to ignore these emails. Those who are even more advanced will know how to ‘teach’ their email accounts to recognise such emails and have them directed straight into the spam folder.

On Wednesday, The Borneo Post highlighted that a growing number of Sarawakians are being targeted by cheating syndicates to become account mules for money laundering.

Knowing that Internet users have become wary of these emails, the people behind phishing scams (let’s call them phishermen), have gone about different ways to scam others out of their money, or to gain access to their bank accounts.

One very popular method in Malaysia is the Bank Negara phone call. These calls will begin with a so-called officer from one of the large banks or financial institutions in Malaysia who addresses you by name and proceeds to inform you that there has been an unusual or out of the ordinary transaction detected on your credit card or in bank account.

In most cases, you would let your guard down because the caller has actually addressed you by name. This is so that you would think that the call is genuine. The caller will then proceed to ask you to ‘verify’ your details and it usually begins with him asking for your identity card number and birth date.

After that, they move on to ceremoniously declare that they have to also notify Bank Negara.

To do this, the caller will say that he will connect you to an officer from Bank Negara, and you apprehensively wait to be put through to this supposed officer. It all sounds very professional, with a connecting ringtone and the confident and efficient manner in which they speak.

The supposed officer will then come on and attempt to again verify your banking or credit card details.

If, at this stage, you still do not realise that this is a scam and innocently give away your details, you can count on being a lot poorer the minute you hang up, thinking you are in the good hands of Bank Negara.

This was what a close friend experienced recently. Fortunately, he was quick to catch on by the time the call was connected to the supposed Bank Negara officer. He then turned the tables on the phisherman by saying that he preferred to make a police report first, and would only then personally go to Bank Negara to verify the ‘unusual transaction’.

The pretend-officer did his very best to convince this friend to continue with the verification, assuring him that it was standard operating procedure, which also included an incident report being channelled to the cyber crimes division of the police.

Not buying into the so-called standard operating procedure, this friend hung up. He immediately went to a branch of the bank in person to alert the bank. His bank account was left untouched.

Other acquaintances have also related similar experiences, either through email or direct phone calls. Which makes you wonder, how do these syndicates get hold of our phone numbers and names?

In July last year, the Malaysian Communications and Multimedia Commission (MCMC), police and Bank Negara released a joint press statement that the number of phishing crimes, which often happens to users of online banking and e-commerce, has decreased due to the joint effort between the three departments.

Eye think that in cases of scams involving technology, it is premature to announce any decrease in incidences. Phishing scammers are always a step ahead where ideas and technology are concerned.

The departments concerned should instead carry out awareness programmes that reach out to the man on the street, rather than relying only on press statements.

What the public needs is interaction with experts from these departments who are able to explain the art and psychology behind these scams.

Outreach methods could include roadshows, talks (in different languages other than Malay and English), and interactive exhibitions where the public can find out how these scams take place.

Only then would the public be able to better understand what these online and phishing scams are about and be more alert towards attempts to victimise them.

Comments can reach the writer via [email protected].