Monday, May 29, 2023

How a scammer steals from a bank account

Many people are quite illogical. They are fearful of scams but they do not pay attention to how the scams are carried out. They spread fear and advised people wrongly, due to their ignorance.


The scammer cannot steal your money from the following:

a) knowing your email address
b) when you ordered food with a QR code

To access your bank account and steal your money, the scammer needs to know your account login credentials (i.e. your sign in code and password). Most people have set up a 2FA, so the scammer need to have your physical phone (to generate a 2FA token) or to receive a one time PIN sent by your bank.

This is how a few recent scams worked.

The scammer sent an email to the customer purporting to come from the bank. This email contain a link to a fake website that looked like the bank's website.

The customer (who does not suspect the scam) clicked on the link to enter the login credentials (code and password). The scammer uses the credentials to access the real website of the bank. The bank sends a PIN to the customer.

The customer enters the PIN into the fake website. The scammer now has the PIN which they can access the real website.

I have set up a 2FA using the bank's digital token. My bank does not send a PIN. The scammer needs to have my physical phone to access the digital token. But, my phone is protected by my fingerprint (which the scammer does not have).

The chance of a scammer accessing my bank account is extremely low. It may happen, but most likely it will not.

I encourage people to take the trouble to learn how how a scammer carries out the scam, rather than have a blind fear and spread fear through ignorance.

Tan Kin Lian

2 comments:

Anonymous said...

scammers different type one.

got legal one

got illegal one

got hide one in policy

got pay and pay one

got magician one

got confuse one

the world now veri scam with high profits also

Anonymous said...

Beware of SMS phishing scam offering promotional Fixed Deposit rates.

Do not disclose your personal details, Singpass, online banking credentials, card details and OTP to anyone that you transfer the funds into fixed deposits.

Blog Archive