Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

IBPO Against Scammers: How to Avoid eWallet Scams

How to Avoid eWallet Scams

Media

Contact us

IBPO Against Scammers: How to Avoid eWallet Scams

How to Avoid eWallet Scams

Over the last year, payments have largely shifted online, whether we’re shopping online or going cashless in a shop. As such, scams have gone online too. 

eWallets have been a huge part of this change in preferred payment method, so it’s no surprise that criminals have targeted them looking for easy money. Chances are, to some degree, all of us with a smartphone use one form of eWallet or another, making us vulnerable to potential scams

Payments nowadays can be done in a snap through our smartphones.

What Are Some eWallet Scams Out There? 

Since the emergence of eWallets, there have been some known cases of scams targeting eWallet users. Whilst they’re not as profitable as bank scams or Macau Scams since nobody puts their entire life savings in eWallets, victims may still lose around RM 1,000 to these small-time criminals. 

 

The Fake Friend Scenario

There are fake friends among us.

Fake Friends Among Us

Certain eWallets such as GrabPay eWallet only requires a Grab Activation Code (GAC) to make payments once you’ve saved your credit or debit cards. The code is sent to your registered phone number to be filled in and complete the transaction. 

A real life case saw a scammer creating a fake Instagram account using the name of the victim’s friend. The scammer then messages the victim asking for his phone number. The victim obliged, and the scammer continued by saying a GAC would be sent to the victim’s number as part of Grab’s anniversary campaign. The victim sent the GAC to the scammer still believing it’s actually his friend, and the next thing he knows, nearly RM 500 was debited

 

“Help Me Register an eWallet”

Businessman Telling Lies Hold Crossed Finger His Back With Modern Building Background Min

If someone ever offers you easy money to help them register for an eWallet by providing your NRIC number and namedon’t do it

A case from last year saw a victim’s name and NRIC used for a new eWallet account, but it was registered under the scammer’s own number and address. This gave the scammer access to the victim’s bank account. In cases like these, criminals target low income group members and offer between RM 100 to RM 300 for their information. 

Fortunately, most eWallets now require users to take a selfie with their NRIC for verification during the registration process, so it is unlikely this trick can be used again. 

 

Fake eWallets

Fake eWallets Phishing Attempt

Cybersecurity companies have also warned people about the existence of fake eWallets. Do not click on just any online ads of eWallets you see, and definitely do not download them from suspicious links

These are often malware that will infect your smartphone with data stored from your digital payments. Always verify and make sure your phone is installed with the latest cybersecurity software. Remember, when in doubtdo not click! 

 

Ways to Avoid eWallet Scams

Avoid public WiFi networks

Do Not Connect to Public Wifi

If you’re ever connected to a public WiFi network, there are tricks to maintaining the safety and security of your digital finances. According to TNG eWallet’s tips on “Cashless Confidential”, eWallet users can protect themselves by:

  • Making sure they are on SSL VPN Security
  • Switching off sharing on their phones (Airdrop for Apple users or NFC mode for Android users)
  • Avoiding logging into personal accounts such as social media and bank accounts with public WiFi

 

Beware of phishing

Via phishing, scammers try to “phish” for victims through emails, messages, texts, calls etc. If successful, they can retrieve sensitive personal information from you such as your card details and social media login details. More often than not, they can use this information to gain access to your banking accounts

The case of the fake eWallet is an example of a phishing attempt, where someone or something tries to assume the identity of a legit body or person. They might try to lure you in by sending you a text or email with seemingly official links to legit eWallets or banks that you can “sign in” to, to “change your password” or for something else. 

Whenever you get emails like this, look out for misspelled domain namesextra subdomainssuspiciously blurry graphics and just bad use of language in general. 

 

Limit information you put out there

eWallet Data Security Concept Art

Control What You Share Online

As seen from some of the cases, information like your NRIC number and phone number can easily be used by criminals to access your eWallet or bank account.

It may be a smart thing to try and keep your information private, or at least not easily attainable by people you don’t know from the internet. Be smart about what you share with others!

 

Never give away authorisation codes sent to you

Authorisation codes refer codes sent to your phone to approve transactions such as One Time Passwords (OTP)Transaction Authorised Codes (TAC), or Grab Authentication Code (GAC.) 

If you didn’t request for a code but got one anywaydon’t share it with anyone. This should ring alarm bells because someone tried using your phone number to make a transaction you don’t know about! 

 

Bottom Line

eWallets have made life a lot easier and in light of the pandemic, safer as well. However, we need to be smart about how we use it; as things get more convenient for us, it may get more convenient for criminals as well! 

 

Reference: –

How to Avoid Getting Scammed as an eWallet User – Shen Lee