The Association of Banks in Cambodia is cautioning bank customers to avoid clicking on any suspicious links after a $100,000 loss by a bank customer due to a SIM card-related account hack.
According to a statement from the Association of Banks in Cambodia on Monday, it has noticed an increase in recent smishing (SMS phishing) attacks with a fake link to verify confidential information or reactivate users’ accounts.
It added that with the number of scams currently rampant and fraudsters becoming more sophisticated, it is always necessary to be vigilant and not share any credentials or personal information.
“Please do not open those suspicious links, nor put your phone number, account number, PIN codes, password, personal data, or any credentials,” it said. “If you have done so, please immediately contact your bank via their hotline or toll-free numbers.”
Chhuy Bunleng, a customer of a Phnom Penh bank who experienced SIM card fraud, posted on Facebook on June 1 that that day was the saddest of his life as his wife's account had lost $100,000 the previous day. It started with his SIM card used for his wife's account, which had been bought from others, he added.
"I don't understand how another person could access [the bank app] and transfer $100,000 from the [bank account]. Please confirm that in less than three hours, it lost $100,000. My wife cried as we worked all day and night. I feel so bad for my wife,” he said on Facebook.
After his Facebook post went viral, he and his wife collaborated with the bank to investigate this case.
The Bank in question said on its Facebook page on Friday that the bank takes the security of customers' accounts very seriously. After immediately taking action to help its customer, it ran an investigation and confirmed that the bank's cyber systems are safe.
“We also conducted a meeting with the customer and explained our processes and the cyber security of our systems. The client doesn’t have any complaints with [the bank] and acknowledged our full cooperation,” the post said.
It added that the bank will keep cooperating with the customer and relevant authorities, including the Anti-Cybercrime Police Department and other agencies, to criminally pursue the fraudsters. In addition, it reminded all customers to always contact the bank first in the case of any potential fraud or suspicious activity.
“[the bank] never sends you links via SMS to verify your secret information or re-activate your bank accounts. We also never call or message you requesting your [bank] Mobile login details, OTP codes, secret words, or iBanking details,” it said.
---
