Photo credit:

By Jessica Wee

The conveniences of online banking allows you to access the most services without having to queue at the banking counters or ATM.

Research shows that wealthier millennials prefer online banking facilities that are more efficient in managing one’s accounts and investments. With the rising adoption rate of banking facilities being available online, comes more technical glitches, scam and online theft.

Having your bank account hacked or your personal and financial information stolen can create innumerable headaches.

Last month, Malaysian police have discovered a new tactic by scammers to steal money from victims’ bank accounts through an Android Package (APK) download.

Federal Commercial Crime Investigation Department (CCID) director Comm Datuk Mohd Kamarudin Md Din said scammers could hack into a victim’s phone after gaining access through an APK file downloaded by victims who “purchased” items online.

He said scammers would advertise items for sale on social media so that those who were interested would contact the “sellers” via WhatsApp.

“They will be instructed to download and install on their mobile phones an APK file link containing a fake application.

“The application will then take over the buyer’s existing SMS system, and the buyer has to register and fill in personal and banking details before they can use the application.

“After pressing the ‘send’ button, an error message will be shown as the application is not linked to any legitimate banking sites,” he said at a press conference yesterday.

Comm Mohd Kamarudin said the process was merely to give scammers access to the content of the buyer’s SMS and banking details.

Besides having your hard-earned money drained from your account via fraudulent transfers, an identity thief could leverage your information to open credit cards in your name and treat themselves to a shopping spree.

Some of the common online mistakes that will make you an easy prey includes:

  • Using personal information, such as your name, address or date of birth
  • Choosing short passwords
  • Relying on common words or simple number combinations
  • Using the same password for multiple logins
  • Not updating passwords regularly
  • Installing APK applications from illegitimate sources
  • Installing SMS applications from untrustworthy sources

If you feel suspicious of a call or an email or pop-up alert regarding your bank account, always request for a reference number, call back on a trusted bank number or ask your bank’s relationship manager to confirm if the website/email was genuine.

Here are some safety tips that we can practice online, starting today!

  • Create a strong password – consisting of alphanumeric, characters and symbols
  • Change password regularly – create a habit of changing your passwords monthly, if not quarterly
  • Store passwords safely – off line in a book that you keep under lock or use a password manager app eg: RoboForm, NordPass, Keeper, 1Password. McAfee.
  • Avoid saving your login information online Some websites give you the option to save your login information for future use, but if someone uses your computer or mobile device after you, they could gain access to your bank accounts. To at least help prevent this from happening, many banking sites now time out after a certain number of minutes of inactivity, and do not save your information.
  • Never click on links offering free stuff – do not click on any unverified hyperlinks sent via email, SMS or social media
  • Check during login that the website is correct and make sure your Personal Login Phrase is displayed accurately
  • Use a Secured and private Wi-Fi network – when accessing online banking account, ensure you are logged into a secure and private Wi-Fi network. When you’re on public Wi-Fi, hackers can more easily access your computer and steal personal information from it. You should never access your bank’s website through a computer, tablet, or mobile phone unless you’re on a secure Wi-Fi network with a password, or using your own cell phone data connection. This is much more difficult for thieves to hack, so it keeps your information safer.
  • Use Anti-virus software – install and constantly update your anti-virus software
  • Monitor your bank account – monitor regularly for any suspicious activities
  • Auto update – enable auto update on your devices software and browse
  • Use two-factor authentication whenever possible
    Two-factor authentication is the next level of security that many banks are now offering. Usually, you give your bank your phone number, and it texts a code when you log in online. Some banks also enable you to request a code via email or a phone call. You must enter this code in addition to your password to log in. This way, even if someone has stolen your password, they cannot access your accounts. It’s another hoop to jump through, but it could help keep your money safe, so set it up if your bank offers it.
  • Always type your bank’s web address into your browser yourselfIn Singapore, a new scam tricks victims into calling fake bank hotlines found in advertisements on Google searches

Most of these rules should be common sense, but you can never let your guard down. This is your money at stake — when it’s gone, you may not be able to get it back.

If you haven’t updated your computer’s software lately, set up two-factor authentication, or changed your bank account password in a while, do it now to ensure that your financial information stays yours alone.


6 + 10 =

Get smart money tips in your inbox
We respect your privacy.