By Venessa James
KUALA LUMPUR: Malaysia’s drive towards a cashless society may eventually eliminate cash-based crimes, but the digitisation of commerce and banking has opened doors to cybercrime, including online scams.
In 2022, the Commercial Crime Investigation Department (JSJK) of the Royal Malaysian Police (PDRM) reported 9,258 cases were linked to online scam sales involving victims from age group of between 15 to 61 years old and above.
Online sales are among the most reported cases. According to reports, online shopping scams involve scammers pretending to be legitimate online sellers and while many online sellers are legitimate, scammers can use the anonymous nature of the internet to rip off unsuspecting shoppers.
In many cases, the suspect entices the victim with a price that is much cheaper than the market value. After deposits are transferred by the victim to the bank account provided by the suspect, the latter becomes uncontactable after receiving payment.
A former HSBC bank officer Hemalatha Saravanan shared her regretful experience when she opted for a low-priced cleaning service advertisement on Facebook priced RM30 for an hour online last year.
Hemalatha said that upon clicking the Facebook link, it redirected her to a scammer named ‘Mr Roy’ via WhatsApp who then required her to make a partial payment for her booking.
“‘Mr Roy’ shared a link and requested me to download it with conditions to accept cookies and then redirected me to my online banking site but I did not receive any one-time password (OTP) when I tried to make a transfer.
“Right after that, my phone got hanged for 45 minutes and the balance of RM400 plus in my bank account and RM80 from my TNG (Touch ‘n Go) e-Wallet went missing,” she said.
She also said that she was unable to check if the offer was genuine before proceeding with the payment as ‘Mr Roy’ kept pressuring her with all his instructions to make a successful booking.
Who’s to blame?
Are victims themselves to be blamed for their ignorance, carelessness or negligence or the bank’s fault for failing to protect their customers’ accounts?
Cybersecurity expert Fong Choong Fook from LGMS Bhd opined that online scam victims are at fault for their carelessness and for placing trust in online strangers.
“E-banking frauds are quite common as the scammers can easily hack an Android phone and have access to the victim’s personal details via the Android Package Kit (APK) file,” he said.
Once the victim’s phone has been hacked, he said that the scammer will receive the bank’s one-time OTP to transfer out the money.
“This happens because the victim has installed unauthorised apps sent by the scammer.
“All banks should fully move away from using text OTPs and implement application approvals where some banks have started implementing it,” he added.
He said most banks are making effort to secure public accounts including sending reminders through emails, text messages and posting scam awareness on their respective websites.
Laws protect all
Earlier this year, the PDRM arrested an online jewellery scam syndicate and seized six mobile phones, two bank cards and seven copies of conversations from the WhatsApp used for their fraudulent activities.
According to Section 420 of the Penal Code, anyone who cheats and thereby dishonestly induces the person deceived, shall be punished with imprisonment for a term which shall not be less than one year and not more than 10 years and with whipping, and shall also be liable to fine.
Lawyer Muhammad Akram Abdul Aziz said that whether the bank is liable for the online scam would depend on circumstances, but he noted that in general, the Malaysian law is often said to be in favour of banks.
“This can be seen in a case involving the bank and its customer Lee Cheong Chee versus HSBC Bank Malaysia Berhad in 2021, where the customer utilised his credit cards for several monetary transactions with third parties, the latter who were alleged to be scammers,” he said.
He went on to say that the customer initiated a legal action in Kuala Lumpur High Court against the bank, contending that the bank should have taken steps to ensure that he was protected from being scammed.
“The High Court held that the bank is not liable in view of the several safety measures taken by them prior to allowing a monetary transaction to go through online as the contractual terms entered between the bank and the customer safeguarded the bank from being held liable in such situation,” said Muhammad Akram.
He said that normally each bank has its own terms and conditions on the use of its online services and or apps provided by them whereby these terms and conditions are binding on the users, noting that users should ensure that online transactions are approved and verified by them before proceeding with the third-party transfer.
On the need for banks to improve their security, Muhammad Akram said both the public and banks have to play their roles accordingly to avoid from falling prey to online scams, noting that most of the cases he handled were due to the victims’ mistakes.
“There’s no doubt that some banks need to strengthen safeguards against financial scams by protecting customer data given the rise in such cases where even banks themselves were also hacked to the extent that customer data has been compromised.
“But the reality is it is not that simple, and even if a hi-tech security system is installed, customers can easily fall prey to fraudsters and risk losing their money,” he added.
Digitalisation challenges
In fact, Malaysian businesses and consumers are the most receptive towards digital adaptation compared to more than 20 other countries in a post-COVID world, according to the Adyen Retail Report 2022.
Meanwhile, former civil servant Tangai Raju, 73, said while digitalisation has made the various services more accessible and convenient for the public, it has led to bigger problems.
“Important notices from banks or even bills are being sent via emails or informed through calls as they no longer send printed letters.
“This method benefits the scammers and they easily target their victims by acting as officers to deceive them for a financial gain,” he told Bernama.
Sri Rampai Health Clinic security guard, Baharin Jaafar, 52, said Malaysia’s move towards a cashless society will go a long way in curbing corruption especially in the public sector.
“It is easier and faster with cashless payments because with cash payments, the money might go missing but through card payments, it will be tracked and the money goes into the correct account,” he added. – BERNAMA