Man Loses RM1,250 In SMS Scam Despite Not Providing OTP
The victim’s wife says the telco blamed him for providing an OTP when he never did, urging the telco to take responsibility.
Subscribe to our FREE Newsletter, or Telegram and WhatsApp channels for the latest stories and updates.
Cases of scammers exploiting one-time passwords (OTPs) to charge payments to victims’ mobile accounts illicitly are on the rise in Malaysia.
The latest victim is Chong Chao Ming, husband of Facebook user Weiling Chua.
In a recent social media post, Chua alleged that her husband was scammed of RM1,250 despite not providing any OTP to the scammer.
“A scammer called my husband, claiming his credit card had transferred RM800 to his telco account and requested an OTP to block it. He didn’t provide it,” she wrote.
While Chong managed to block a subsequent RM8,000 credit card transaction, he found RM1,250 had still been charged to his telco account for a “CODA game purchase” without any OTP received.
The telco customer service informed him this was charged by a third-party content provider using the telco as a payment channel.
As OTP is required for such charges, the telco claimed Chong must have provided it, which he denies.
Rising OTP exploitation
Cases like Chong’s indicate scammers are increasingly exploiting the OTP payment authentication system to defraud mobile users in Malaysia.
Industry experts advise users not to provide any OTP unless they have personally initiated a transaction.
They also urge telcos to implement better safeguards and assume accountability for fraudulent charges instead of pushing blame onto consumers.
Scam alert: Those random OTP texts/sms you receive are in fact part of a scam. The scammer will follow-up with a call to ask you for it. Do not entertain. Better still don’t pick up. #RoboText #RoboCall #OnlineThreat #Malaysia
— Ivan Loh (@theIvanLoh) April 2, 2023
Users should proactively check statements and report discrepancies early to limit liability.
Enabling account notifications for every transaction can also help users more quickly detect fraudulent charges.
READ MORE: Man Loses RM4,600 After Clicking SMS Link, Scammers Use Barisan Nasional’s Name To Steal
READ MORE: Chef Loses RM7k Despite Not Sharing Out The OTP, Nearly Lost Another RM10k
Reporting Online or SMS Scams
Here are a few ways to report online or SMS scams in Malaysia:
1. Malaysia Communications and Multimedia Commission (MCMC)
- Report to the MCMC at https://aduan.skmm.gov.my/ or call 1-800-88-8888.
- National Anti-Scam Centre
- Lodge a report with the National Anti-Scam Centre at https://sem.com.my/ or call 03-2092 6929.
2. Police
- Make a police report at your nearest police station. Bring along any evidence of the scam.
3. Bank Negara Malaysia (BNM)
- Report financial scams to BNM’s LINK system at bnmlink.bnm.gov.my or call 1-300-88-5465.
4. CyberSecurity Malaysia
- Report internet-based scams to CyberSecurity Malaysia via email at info@cybersecurity.my.
When reporting, provide as many details as possible about the scam, like the phone number/email used, website/social media involved, communication content, bank account details, etc.
Screenshots and other evidence are also useful. Ensure to report quickly to prevent more losses.
Share your thoughts with us on TRP’s Facebook, Twitter, and Instagram.