PETALING JAYA: Malaysians are losing hundreds of thousands of ringgit via fraudulent Facebook advertisements, with victims being in the dark until they receive online banking notifications.
The Malaysian Computer Security Response Team (MyCert), an entity under the Communications and Digital Ministry, recorded 5,198 online fraud cases and 794 intrusion attempts between January last year and February this year.
Universiti Sains Malaysia School of Computer Sciences senior lecturer Dr Zarul Fitri Zaaba attributed online frauds to both human and technological factors.
“Human factors such as the lack of awareness and mistakes can be associated with these incidents. Factors involving technology that can lead to people falling for online fraud include system vulnerabilities and inefficient countermeasures.
“In computer security, countermeasures are methods or procedures that reduce risks by preventing and minimising damage.
“However, even if all security control measures are put in place, attackers can still find weak spots or flaws,” he told theSun.
Zarul said since attacking hardware and software security requires more time and effort, humans become the main targets as they can be easily manipulated using various techniques such as phishing, spam and clickbaits.
“If an offer (seems) lucrative and (promises) monetary returns, an individual may lose his common sense. People reply to phishing e-mails or clickbaits and (unknowingly) share their user credentials with attackers”.
Zarul said there is no single method to detect online fraud or suspicious activities. Thus, it is necessary to employ various strategies to protect oneself.
“Users can identify and flag suspicious activities by monitoring odd behaviours. Online fraudsters frequently display specific behavioural patterns, such as logging in from an unfamiliar location, using an unfamiliar device and network, attempting to log in multiple times with incorrect credentials, or making huge transactions.
“Another possible solution is to use security software such as anti-virus, fraud detection or prevention software.
“Although these tools can help identify and prevent fraudulent activities before they occur, they do not guarantee that one is fully protected.
“However, knowledge and experience may help to minimise the risk of falling into a trap.”
Association of Banks in Malaysia (ABM) executive director Kalpana Sambasivamurthy said the organisation is committed to running awareness campaigns to educate bank customers and the public on how to remain safe online.
She advised account holders to routinely monitor their statements as well as transaction alerts from banks closely and frequently.
“If you fall victim to online banking fraud or mule scams, call your bank immediately, or the National Scam Response Centre at 997 between 8am and 8pm for assistance. Next, lodge a report with the police to facilitate investigations.
“Thereafter, notify the bank in writing with a copy of the police report and all relevant records and documentation, such as transaction history, so they can be used for follow-up action.”
Kalpana said all banks have put in place processes to conduct investigations into reports of unauthorised transactions.
When an unauthorised transaction occurs, member banks are required by the regulators to ensure proper communication as well as fair redress for customers who have taken necessary steps to protect themselves and have not committed fraud, she added.
Kalpana said scammers are constantly devising new ways to defraud the public and the modus operandi changes over time.
“The common channels used by scammers include social media, e-mails, direct messaging such as SMS and WhatsApp, and phone calls. Oftentimes, victims are tricked into downloading malware applications or revealing their confidential banking information.
“Due to the increasingly sophisticated scams, everyone must equip themselves with knowledge and awareness of how scams are perpetrated to avoid becoming a victim,” she said.
