Revealing the tricks! Luring...deluding...hacking information through mobile phone/online shopping

• Luring into a trap: Victims are contacted through private channels by calling, sending SMS and various chat applications to reach and engage customers, such as winning free gifts, giving loans, warning or notifying victim of stolen financial information, etc. Then, when victims are interested and click on the link, they are directed to change or enter personal information on a fake website.
• Fraudulently entering personal information: After entering a fake website, the victims will be directed to perform unnecessary transactions, such as entering personal information, revealing OTP to conduct transactions at a branch or ATM, etc., thus allowing crooks to have our personal information for further fraud.
• Scamming money: Victims’ personal information is used without their permission, and the various ways the banks have been informed of to obtain money fraudulently are as follows:

>>>Attack an existing account: This happens two way-both transferring money out of the account and spending with the victim’s debit and credit card information.
>>> Apply for another service to receive money from the victim’s account: The most common cases are applications to other banks for financial services; for example, open an e-wallet account of a mobile operator by linking it to the victim’s bank account, and open a new account through the bank mobile application. This can be done in some banks that do not require that the account opening must be tied to the phone number provided to the bank’s system, but requires only general personal information such as ID number, date of birth, telephone number and OTP.

1. Strengthen detection of abnormal transactions to cover both low-value and high-frequency transactions, and empower the banks to suspend card usage immediately and notify customers through all channels, with a particular focus on monitoring foreign transactions.
2. Customer notifications are added at the time of every transaction through various channels such as applications, email and SMS.
3. Increase the security measures for using the card by discussing the issue with card network providers such as Visa and MasterCard, to require additional authentication for debit cards that are using OTP when paying at online stores.

• Know the Classic Trick: Don’t let unawareness and gullibility lead you to trouble>>> Using old patterns, old techniques such as impersonating employees in trustworthy organizations such as banks, the Bank of Thailand, the government offices, etc., and calling to ask for personal information, including asking for OTP. If you encounter such questions, you shouldn’t trust them, because they are not real employees. The banks have  systems to secure customer information that do not require contacting customers for information through such methods as g calling, sending a link via SMS, chat application and e-mail, but rather allowing the customer to contact  the banks through the official website. If in doubt about entering any information on online transactions or on the website, you should first contact the relevant staff directly.
• Beware of bank card information leakage: Whenever you use your credit or debit card, it opens the door for others to access your card account information, whether swiping the card at the merchant or filling in card account information online to make a payment. Here are some recommended preventive measures that we can manage by ourselves:

>>> Destroy the three-digit number security code (CVV) on the back of the card, or may be store it separately, as this CVV is an additional layer of security for the cardholder to verify their identity when using the card to pay online. In practice, many cardholders do not destroy this security code, leaving their data vulnerable to theft and becoming a channel for scammers to use it to buy low-value goods online.
>>> Avoid untrusted online transactions that require information on the front of the card and the 3-digit security code on the back of the card to prevent theft of card data for low-value online transactions.
>>> Reject or cancel the payment transaction, when you see that the online store has a low security system and no OTP verification system. OTP is a one-time code sent to the phone number associated with the bank card account.
>>> Set spending limits per day and per transaction for deposit accounts and card accounts to limit the extent of the damage, which may be as low as 0 baht for cards that are rarely used, and gradually modify/adjust the limit as transactions are made. This can be done by yourself anytime and anywhere through the account holder’s bank application.

Scan QR Code