From time to time, we would hear news of how Malaysians get scammed online. In this news, a researcher from a Slovak internet security company, ESET, Lukáš Štefanko made a discovery and detected many fake websites are disguised as legitimate services with similar domain names in Malaysia.
According to Štefanko, Malaysian online shoppers often get tricked by a certain fake website through a campaign run by scammers through Facebook ads. However, the website didn't provide the option to shop directly through them but tricked them into downloading apps from the Google Play Store instead. Oh, it's not really a Google Play Store either but a server under the control of the scammers.
He also mentioned eight Malaysian banks were targeted as well including Maybank, Affin Bank, Public Bank, CIMB Bank, BSN, RHB, Bank Islam Malaysia and Hong Leong Bank. When victims submitted their banking information, they will receive a fake message saying their user ID or password is incorrect. At this point, their bank account details were sent to the "malware" operator.
To further access the victim's bank account, the fake e-store app will send all SMS messages as if sent by the bank about the two-factor verification code (2FA). Štefanko warns online users to be careful with clicking on ads and paid search engine search results if they don't bring them to the official website. Moreover, it was encouraged to use 2FA software or hardware instead of SMS for greater security.
The report has listed seven fake websites and three malicious Android apps recently in Malaysia. We hope all of you don't fall to such obvious scams online even when things are too good to be true. Stay tuned for more trending tech news at TechNave.com.
COMMENTS