The advanced development of technology brings out various innovations, which people rely on to do their daily activities. However, as technology continues to develop, security issues also arise, or known as cybercrime.
Cybercrime is an act of crime with the advantage of technology and internet, with the intention to steal or hack someone’s personal information. There are several factors vulnerable to hackers, such as cellular phone, SIM card, e-mail account, or social media platforms. These cyber crooks can intercept our inbox, take control over our calls, and steal our personal information to commit money thefts.
SIM Swap Fraud is an act of duplicating someone’s SIM Card into a new one in order to obtain essential information about the victim, mainly banking data, which leads to act of fraud and theft. The stolen SIM card is taken over and claimed by the perpetrator, no longer belongs to the victim.
Perpetrators obtain personal data through phishing, browsing on social media or making calls to victims. Then they trick operators into duplicating the victim's cellular phone number to a new SIM card. The operator issued a new SIM card that was misused by the perpetrators to access the victim's calls, messages, or even online banking account. When the perpetrator already has personal data and is ready for a transaction, the One Time Password (OTP) will also be sent to the new SIM number.
Source: (January 14th, 2022, https://taarifa.rw/sim-swap-a-modern-form-of-fraud/)
Smishing or SMS phishing is the act of committing fraud through the medium of text messages by trying to influence the target to reveal their personal information or install malware on the device, which will then be misused for criminal acts.
There is a message from a private number on behalf of the Bank OCBC NISP: Congratulations, you won the lottery from OCBC NISP with code 0123456 For more INFO click: https://ocbcnisp.blosgpot.com. Note: You are directed to click on the false link, with which they could hack all your personal data.
Source: (August 31st, 2021, https://www.suara.com/news/2021/08/31/105807/cek-fakta-pertamina-beri-subsidi-rp-189-juta-via-sms-benarkah)
Voice phishing (Vishing) is a form of telephone fraud, with the aim of provoking the victim's emotions to provide personal and sensitive information such as credit card number, password or other personal data that can be used to access the target's bank account. This fraud usually targets the elderly or people who are less tech-savvy. Be suspicious if you are lured by prizes or be pressured to provide personal data.
The perpetrator contacts via telephone call, claiming to be a representative from a bank offering gifts or selling credit card products.
Perpetrator: Hello good afternoon, I am from OCBC NISP Bank. Congratulations, you are the winner of a IDR 50 million prize! If you receive a PIN code via SMS, please state the PIN code, so we can help disburse the money into your account.
Victim: *stating the PIN code*
Perpetrator: Which account do you want the money to be sent? Can you help mention your personal data and account number to make it easier for us to disburse the money.
Victim: *states personal data and account number*
Note: When you provide personal data such as your OTP or account number, that’s the time when the perpetrator acts to access your account and steal money.
Source: (February 3rd, 2022, https://selular.id/2022/02/luna-maya-kena-tipu-rp2-juta-telkomsel-himbau-pelanggan-rahasiakan-kode-otp/)
Email phishing is an act of fraud carried out via email, where the perpetrator sends suspicious messages or hacks your email account to get personal information. Email has become a must-have and used for various purposes including banking, therefore email is one of the main targets for hackers or criminals for stealing important data, including work and business matters.
An email from firstname.lastname@example.org asking you to register due to some incomplete data. The perpetrator also provides a suspicious link on the email for you to access.
Source: (August 31st, 2021, https://money.kompas.com/read/2021/08/31/100441226/waspada-email-palsu-berkedok-bank-bca-kenali-ciri-cirinya)
Using social media is fun, but unconsciously you have shared information about your friends, family, and contacts that anyone can see. The information you provide may be used by fraudsters as part of a social engineering.
Perpetrators sends a direct message on behalf of OCBC NISP with a fake account and the bank logo on their profiles, asking for personal data such as User ID up to password with the excuse to update your personal data, or providing links that will lead to fake account phishing sites.
Source: (December 4th 2021, https://www.liputan6.com/tekno/read/4742619/dapat-dm-instagram-dari-akun-tak-dikenal-hati-hati-phishing-internet-banking)
Crimes committed by perpetrators through e-commerce, such as account theft or hacking and personal data theft. Watch out for suspicious activities from e-commerce. The more they are, the more likely it is to be a scam.
Perpetrator pretends to sell goods online at low prices. When you agree to buy, an account number will be sent and you will be asked to transfer money right away. Then the perpetrator will immediately disappear, difficult to contact, block you, and take away your money.
Source: (January 7th, 2022 ,https://mediakonsumen.com/2022/01/07/surat-pembaca/modus-penipuan-oleh-penjual-di-shopee-2 )
Nowadays, messaging apps have become the main tool of communication, and WhatsApp is currently the most popular messaging app, so it’s not a surprise that it is used by cybercriminals to share phishing links. WhatsApp Phishing is an act of fraud carried out through WhatsApp by sending messages and claiming to be from certain parties, such as on behalf of the Bank.
Perpetrators usually send messages and ask you to approve or update personal data by attaching a link for you to fill out. When you receive an OTP message, the perpetrator will ask you to send it to them. Now the perpetrator can access PIN, Password and username that you usually use for transactions.
Source: (October 13th, 2021 ,https://www.cnbcindonesia.com/tech/20211013065545-37-283461/waspada-modus-penipuan-WhatsApp-tabungan-terkuras-rugi-parah)
Device Scams are a form of computer fraud by hacking your database. Perpetrators commit data theft to software or data destruction. Perpetrators also use smartphones to track your identity, location, and information about your friends, family and contacts. These makes you and your device a prime target for hackers.
The perpetrator sends a link via SMS containing an app update or notification that your smartphone has been contaminated by virus and gives a link to update or clean the virus. The link actually contains malware to hack your cellular phone and access your personal data.
Source: (January 29th, 2022, https://www.thecable.ng/ncc-to-nigerians-avoid-clicking-links-sent-through-sms-malware-in-circulation)
ONe Mobile, a mobile banking app by OCBC NISP, is a one-stop digital solution for all your banking needs. It is important to ensure that all transactions on ONe Mobile are smooth and secure. Increasingly sophisticated technology nowadays is also causing an increase in cybercrime. One of the targets is mobile banking accounts, with the aim of draining the customer's money in it.
ONe Mobile implements Two-Factor Authentication (2FA) or two-step verification to maintain transaction security:
A debit card is a transaction tool that can be used for payments by deducting funds from a bank account, as an option to cash. There are various types of Debit Card misuse as illegal means of payment, one of them is skimming. Perpetrators obtain and copy the customer’s data information contained in the Debit Card strip (on the back of the debit card, usually in black color). This action can occur when a customer uses an ATM service.
Credit cards are vulnerable to being misused by criminals as illegal payment instruments. The crime mode is under the guise of submitting an Unsecured Loan online or using data-duplicating tools such as EDC machines used for credit card payments. For administrative reasons, certain agencies often require a photocopy of an ID card or other documents. For security reasons, never duplicate Credit Cards by photocopying because they can be misused for transactions.
Banks will never ask for a photocopy of a credit card as a required document.
Online Debit Card is a transaction tool similar to a Credit Card or Debit Card, equipped with a card number, three CVV (Card Verification Value) numbers and an expiration date. Online Debit Cards are used to transact online in e-commerce or subscription entertainment service provider applications such as Netflix, Spotify, and so on. For OCBC NISP customers, Online Debit Cards can be created & used through the ONe Mobile application.
QR Pay on ONe Mobile is a non-cash payment feature at all merchants which implement the QRIS standard. Payment using QR Pay is very easy, but you still need to pay attention to payment security to avoid unwanted things.
Poinseru is a program as well as a loyalty platform which gives rewards in the form of points for every transaction made by OCBC NISP customers. Be cautious when logging into Poinseru with your internet banking/mobile banking User ID and password, because they can also be used to access your savings account.
You can redeem your Poinseru for prizes in the form of vouchers and goods. To maintain security when redeeming Poinseru, you need to verify (authenticate) with Transaction PIN on ONe Mobile, then enter the response code displayed on ONe Mobile to the Poinseru website page.