The advanced development of technology brings out various innovations, which people rely on to do their daily activities. However, as technology continues to develop, security issues also arise, or known as cybercrime.
Cybercrime is an act of crime with the advantage of technology and internet, with the intention to steal or hack someone’s personal information. There are several factors vulnerable to hackers, such as cellular phone, SIM card, e-mail account, or social media platforms. These cyber crooks can intercept our inbox, take control over our calls, and steal our personal information to commit money thefts.
Panduan Komprehensif Keamanan Digital Perbankan
SIM Swap Fraud is an act of duplicating someone’s SIM Card into a new one in order to obtain essential information about the victim, mainly banking data, which leads to act of fraud and theft. The stolen SIM card is taken over and claimed by the perpetrator, no longer belongs to the victim.
Sample Case:
Perpetrators obtain personal data through phishing, browsing on social media or making calls to victims. Then they trick operators into duplicating the victim's cellular phone number to a new SIM card. The operator issued a new SIM card that was misused by the perpetrators to access the victim's calls, messages, or even online banking account. When the perpetrator already has personal data and is ready for a transaction, the One Time Password (OTP) will also be sent to the new SIM number.
Source: (January 14th, 2022, https://taarifa.rw/sim-swap-a-modern-form-of-fraud/)
Smishing or SMS phishing is the act of committing fraud through the medium of text messages by trying to influence the target to reveal their personal information or install malware on the device, which will then be misused for criminal acts.
Sample Case:
There is a message from a private number on behalf of the Bank OCBC: Congratulations, you won the lottery from OCBC with code 0123456 For more INFO click: https://ocbcnisp.blosgpot.com.
Note: You are directed to click on the false link, with which they could hack all your personal data.
Source: (August 31st, 2021, https://www.suara.com/news/2021/08/31/105807/cek-fakta-pertamina-beri-subsidi-rp-189-juta-via-sms-benarkah)
Voice phishing (Vishing) is a form of telephone fraud, with the aim of provoking the victim's emotions to provide personal and sensitive information such as credit card number, password or other personal data that can be used to access the target's bank account. This fraud usually targets the elderly or people who are less tech-savvy. Be suspicious if you are lured by prizes or be pressured to provide personal data.
Sample Case:
The perpetrator contacts via telephone call, claiming to be a representative from a bank offering gifts or selling credit card products.
Perpetrator: Hello good afternoon, I am from OCBC Bank. Congratulations, you are the winner of a IDR 50 million prize! If you receive a PIN code via SMS, please state the PIN code, so we can help disburse the money into your account.
Victim: *stating the PIN code*
Perpetrator: Which account do you want the money to be sent? Can you help mention your personal data and account number to make it easier for us to disburse the money.
Victim: *states personal data and account number*
Note: When you provide personal data such as your OTP or account number, that’s the time when the perpetrator acts to access your account and steal money.
Source: (February 3rd, 2022, https://selular.id/2022/02/luna-maya-kena-tipu-rp2-juta-telkomsel-himbau-pelanggan-rahasiakan-kode-otp/)
Email phishing is an act of fraud carried out via email, where the perpetrator sends suspicious messages or hacks your email account to get personal information. Email has become a must-have and used for various purposes including banking, therefore email is one of the main targets for hackers or criminals for stealing important data, including work and business matters.
Sample Case:
An email from ocbsnisp@yahoo.com asking you to register due to some incomplete data. The perpetrator also provides a suspicious link on the email for you to access.
Source: (August 31st, 2021, https://money.kompas.com/read/2021/08/31/100441226/waspada-email-palsu-berkedok-bank-bca-kenali-ciri-cirinya)
Using social media is fun, but unconsciously you have shared information about your friends, family, and contacts that anyone can see. The information you provide may be used by fraudsters as part of a social engineering.
Sample Case:
Perpetrators sends a direct message on behalf of OCBC with a fake account and the bank logo on their profiles, asking for personal data such as User ID up to password with the excuse to update your personal data, or providing links that will lead to fake account phishing sites.
Source: (December 4th 2021, https://www.liputan6.com/tekno/read/4742619/dapat-dm-instagram-dari-akun-tak-dikenal-hati-hati-phishing-internet-banking)
Crimes committed by perpetrators through e-commerce, such as account theft or hacking and personal data theft. Watch out for suspicious activities from e-commerce. The more they are, the more likely it is to be a scam.
Case Sample:
Perpetrator pretends to sell goods online at low prices. When you agree to buy, an account number will be sent and you will be asked to transfer money right away. Then the perpetrator will immediately disappear, difficult to contact, block you, and take away your money.
Source: (January 7th, 2022 ,https://mediakonsumen.com/2022/01/07/surat-pembaca/modus-penipuan-oleh-penjual-di-shopee-2 )
Nowadays, messaging apps have become the main tool of communication, and WhatsApp is currently the most popular messaging app, so it’s not a surprise that it is used by cybercriminals to share phishing links. WhatsApp Phishing is an act of fraud carried out through WhatsApp by sending messages and claiming to be from certain parties, such as on behalf of the Bank.
Sample Case:
Perpetrators usually send messages and ask you to approve or update personal data by attaching a link for you to fill out. When you receive an OTP message, the perpetrator will ask you to send it to them. Now the perpetrator can access PIN, Password and username that you usually use for transactions.
Source: (October 13th, 2021 ,https://www.cnbcindonesia.com/tech/20211013065545-37-283461/waspada-modus-penipuan-WhatsApp-tabungan-terkuras-rugi-parah)
Device Scams are a form of computer fraud by hacking your database. Perpetrators commit data theft to software or data destruction. Perpetrators also use smartphones to track your identity, location, and information about your friends, family and contacts. These makes you and your device a prime target for hackers.
Sample Case:
The perpetrator sends a link via SMS containing an app update or notification that your smartphone has been contaminated by virus and gives a link to update or clean the virus. The link actually contains malware to hack your cellular phone and access your personal data.
Source: (January 29th, 2022, https://www.thecable.ng/ncc-to-nigerians-avoid-clicking-links-sent-through-sms-malware-in-circulation)
OCBC mobile, a mobile banking app by OCBC, is a one-stop digital solution for all your banking needs. It is important to ensure that all transactions on OCBC mobile are smooth and secure. Increasingly sophisticated technology nowadays is also causing an increase in cybercrime. One of the targets is mobile banking accounts, with the aim of draining the customer's money in it.
OCBC mobile implements Two-Factor Authentication (2FA) or two-step verification to maintain transaction security:
A debit card is a transaction tool that can be used for payments by deducting funds from a bank account, as an option to cash. There are various types of Debit Card misuse as illegal means of payment, one of them is skimming. Perpetrators obtain and copy the customer’s data information contained in the Debit Card strip (on the back of the debit card, usually in black color). This action can occur when a customer uses an ATM service.
Credit cards are vulnerable to being misused by criminals as illegal payment instruments. The crime mode is under the guise of submitting an Unsecured Loan online or using data-duplicating tools such as EDC machines used for credit card payments. For administrative reasons, certain agencies often require a photocopy of an ID card or other documents. For security reasons, never duplicate Credit Cards by photocopying because they can be misused for transactions.
Banks will never ask for a photocopy of a credit card as a required document.
Online Debit Card is a transaction tool similar to a Credit Card or Debit Card, equipped with a card number, three CVV (Card Verification Value) numbers and an expiration date. Online Debit Cards are used to transact online in e-commerce or subscription entertainment service provider applications such as Netflix, Spotify, and so on. For OCBC customers, Online Debit Cards can be created & used through the ONe Mobile application.
QR Pay on OCBC mobile is a non-cash payment feature at all merchants which implement the QRIS standard. Payment using QR Pay is very easy, but you still need to pay attention to payment security to avoid unwanted things.
Poinseru is a program as well as a loyalty platform which gives rewards in the form of points for every transaction made by OCBC customers. Be cautious when logging into Poinseru with your internet banking/mobile banking User ID and password, because they can also be used to access your savings account.
You can redeem your Poinseru for prizes in the form of vouchers and goods. To maintain security when redeeming Poinseru, you need to verify (authenticate) with Transaction PIN on OCBC mobile, then enter the response code displayed on OCBC mobile to the Poinseru website page.
Nowadays, there are various payment methods that makes us easier to carry out transactions quickly and without hassle for various types of merchants and transactions, both online and offline. However, this convenience also comes with the potential crimes such as fraud and identity theft.
Avoid the risk of fraud and identity theft when making transactions with your credit and debit cards with the following steps:
Download the following guidebook for more info.
Be Cautious! Do Safe Transaction with Your Bank Card