An online banking account user has claimed that he lost RM11,000 after his account has hacked. Eric Chua posted the incident on Facebook, going into details how the theft was probably executed.
Chua says he lost the amount last month and he believes his account was hacked two days after his salary was banked in.
His Facebook posting went viral and drew thousands of shares and likes before it was removed from public viewing, according to a says.com article.
Chua suspects the culprits hacked into his secondary email address and changed the password to eventually gain access to his primary email. He says the hackers gained access to online banking account through his primary email.
He says one of the culprits then impersonated him and requested for a SIM card replacement for his mobile number. Having changed the online banking password and a SIM card to receive Transaction Authorisation Code (TAC) codes, the hackers could transact using his account.
His online banking account was said to have been used to purchase four Samsung handphones and accessories from Mobile 88, an online shopping site. He says payment was made through his online banking account.
“I only realised something was amiss the following morning. While I was driving to work, I noticed my phone had ‘No Service’,” he says in the Facebook posting.
“When I got into office, tried to access my email but failed because the password had been changed. I checked my online banking account and realised it had been emptied. Luckily my credit cards weren’t affected.”
Chua had his online banking account and credit cards suspended, but could not get the bank to reverse the transactions. He also suspended his mobile service and made a police report.
He says bank officers told him that “nothing can be done” to reverse the payment as unlike credit card payments, as online banking transactions would go through once a valid TAC number is received.
Chua has also shared some tips on online banking safety after his experience.
“This might seem obvious, but keep different login names and passwords for accounts and change them regularly,” he says, urging the public to be alert of phishing scams.
He advises others to respond quickly when they see notifications of change in password, unusual usage of their email accounts or ‘No Service’ on their handphones.
“Someone could be trying to hack into your account and in my case, it was the first sign that someone had replaced my SIM card,” he says.
“Financial planners aren’t going to teach this but keep some of your cash reserves in a separate bank account, preferably non-online or fixed deposit (FD). I managed to pull through the past month because some of my savings were in another account.
“I guess I’m angry not only because of the money lost. My own carelessness that was a factor in it but also because technology and corporate institutions I had come to rely on have seemed to fail me in the past month.
“Whatever happens after this, I will vote with my feet but my hope is that the banking and telco players, as well as regulators, take note and make improvements to safeguard the system.”