Jamesc Hypersonic June 21, 2021 Share June 21, 2021 The way to hack this is to change her account from her handphone number to a new handphone number the fraudster is using. But why only her? ↡ Advertisement Link to post Share on other sites More sharing options...
Gizmore Supercharged June 21, 2021 Share June 21, 2021 (edited) On 6/20/2021 at 12:28 PM, BabyBlade said: https://m.facebook.com/story.php?story_fbid=10157731133872610&id=572922609 OTP FRAUD So this happened months ago, in January 2021, and has dragged on long enough to wear us out. At this point, we are helpless and have no idea how to move forward. It seems the last resort is to refer the case for adjudication and risk DBS retracting their offer of waiving 30% of the amount (and having to pay a 5-figure sum). Here’s what happened: Sometime in early January 2021, I tried using my supplementary credit card to make a purchase online but the transaction could not go through. I thought there was a glitch and simply used another card to make the purchase. A few days later, I tried using the same card and was told that my card was declined. Curious, I called DBS to find out why I hadn’t been able to use my card. It was then that I found out that I had almost exceeded the credit limit. Baffled, I asked for details of the transactions charged to my card since I only recalled using it for some items we needed for our new home. To my horror, I learnt that a total of SEVEN consecutive transactions were charged to my card, each amounting to approximately $1,400. The total damage was $10,150. Note that we had not received the hard copy of our credit card statement then. I informed the staff that I most definitely did not carry out these transactions and requested that they look into the case. Unfortunately, the bank told us that there is no way they are able to refund the money because these were secure transactions, made with OTP. But guess what? I did NOT receive any OTP for these seven transactions at all. The bank claimed I could have keyed in the OTP by mistake. But seven times?! Did the bank seriously think I would be tricked into giving the OTP to a stranger seven times? Long story short, we are liable for the charges. We were advised to lodge a police report so the police could investigate the matter, and were told that an investigation could help with our request for a refund. Imagine being told that there’s nothing you can do but to pay $10,150. I was heavily pregnant then, and was sooo flustered 😭 We rushed to the nearest police station to lodge a police report. So these seven transactions were made to TransferWise (now Wise), a website for monetary transfers abroad. Neither of us knew of TransferWise until this incident. The following morning, I called TransferWise to see if there was anything they could do. The transactions had gone through and there was no way they could reverse the transactions. By the time I called, they had suspended the account used to process these transactions. I was told that the bank had brought to their attention that the account could possibly have been used in a case of fraud, so they acted on the bank’s suspicion and suspended the account. A check showed that the transactions were wired to a Malaysian company, CWP Global Enterprise. The transactions were transferred and processed in ringgit. I then called the police officer assigned to our case and told her of what I had learnt and was asked if I could make a trip down to the station to add these details to my statement. The police has since concluded the case with no favourable outcome. We were told that there were no more leads so her superior advised her to conclude the case. She interviewed the TransferWise account user and found that it was a case of identity theft. Someone had used this person’s personal details to create an account on TransferWise. The transactions were not carried out by this person. A dead end is what we’ve come to. The bank refuses to do anything about the case and insists that we pay the sum of $10,150. In fact, they were unwilling to waive the monthly interest while the police investigation was ongoing. We explained that we had lodged a police report and were waiting for the police to get back to us. Still, they did not want to waive the interest of a few hundred bucks despite my husband putting in an appeal. If we had done nothing, the amount would have snowballed in no time. So I told hubby to go to our MP to see if he could get the bank to waive the interest for us. Days after Ethan’s birth, N went to see our MP, Mr Gan Kim Yong. His assistant helped send an email to Monetary Authority Of Singapore and DBS. The following day (yes, all it took was a day), a manager from DBS called N and told him that the bank would waive the interest for us while the investigation was ongoing. How efficient. Fast forward today.. We acted on the officer’s recommendation to bring our case to FIDReC, an independent and impartial alternative dispute resolution institution. The result? The bank explained that all the disputed transactions were deemed authorised by me since they could only go through with SMS OTPs. There were apparently SMS alerts sent to my mobile number once each disputed transaction was completed. At this point, I wish to reiterate that I did NOT receive a single SMS OTP or alert regarding any of the seven transactions, so help me God.. We are clearly victims of a fraud case. What do we do now? 😭 StarHub says they are only able to track incoming and outgoing calls, and outgoing messages — basically, “anything chargeable”, according to the customer service representative I spoke with. I asked if receipts of text messages are recorded in their system, and was told that Singapore Police Force would have to approach StarHub HQ for access to this data (still unsure at this point if they even have this data). This was communicated to the police officer but as I have said above, there is no favourable outcome — to be honest, I am not sure if she tried. Has any of you experienced something similar? Or do you know of someone who experienced something similar? If it’s not too much trouble, please help to share this post. Thank you 🙏🏼 EDIT: We did try to escalate the case to a higher authority i.e. the head of credit cards. Was told he would get the frauds team to look into the case, and that they’ve not encountered bypassing of OTP before. Frauds team concluded it isn’t fraud because the transactions are “secure with OTP”. I realised I didn’t mention that a total of 10 transactions were made and 7 went through because DBS only started to reject after the 7th transaction and sent a message or email to Wise warning of possible fraudulent activity. Yet they are telling me this isn’t fraud 🙄🤷🏻♀️ This, I found out through Wise, not DBS. The bank did not inform me about the attempt to charge 10 transactions to my card. https://mothership.sg/2021/06/dbs-credit-card-fraud-bypass-otp-sms/ Expand For this fraud to work, the underlying fraud mechanism is rather sophisticated to be able to reroute the SMS for the transaction to go through via OTP. I think there isn't enough investigation on the part of SPF especially when they concluded there was identity theft. Then obviously there is some level of fraud going on. Since the case resolves around OTP and without authorization from SPF, SH cannot reveal this information, then SPF needs to investigate more along this line to ensure they cover sufficient grounds to really prove there is nothing further they can do. Or maybe SPF did, but SH is just not providing enough and lead to SPF concluding nothing further can be done. I think the SPF need to answer if SH is able to prove receipt delivery of the OTP smses since the OTP is key to allowing the transaction to go through. This can only be thoroughly be investigated with proper authorization by SPF and get the parties involved to put in resources to dig deeper through their system. In summary, all parties involved are passing the buck around since there is no benefit for them to prove this. Edited June 21, 2021 by Gizmore 2 Link to post Share on other sites More sharing options...
Beregond Supersonic June 21, 2021 Share June 21, 2021 i just renew my car insurance. they just email me and inform me, they will auto renew and charge to my previous credit card. if i dun want, i need take action on my side. when they renew for me, i didnt receive any OTP to proceed, imagine i had many such purchase , and they will email and assume i ok to proceed.. Link to post Share on other sites More sharing options...
Volvobrick Supersonic June 21, 2021 Share June 21, 2021 Last year or before that I noticed credit card transactions for Amazon Germany. Called the bank, cancelled the card and was not charged anything. Link to post Share on other sites More sharing options...
Heartbreakid 6th Gear June 21, 2021 Share June 21, 2021 On 6/21/2021 at 2:17 AM, Spidey10 said: Shitty man....and the stress the pregnant lady have to endure...ahhhh my experience many years ago with CC fraud...the bank waive our fraud transactions and then they went after the merchant to get the refunds (looks like is not the case now). they will ask the merchant to provide the copy of the scanned signature, or carbon copy of the slip...i guess now they dun have all these.... anyway, i seldom buy anything on line...i am old school, i like to see and feel my things when i buy..., no see, no touch, no buy... Expand Old school is always better and safe. Physically can see, touch and feel. And provides business and joy all round. Online shopping is just "dead", like video com or whatsapp, the in person connection is not there, all are just artificial, not to mention have the risk of being hack, fraud and scam. Not that I am old school, but I prefer the days of the 90s till 2000s. A good balance and honesty. All this era of techs are really making people artificial also. 1 Link to post Share on other sites More sharing options...
Vid Hypersonic June 21, 2021 Share June 21, 2021 Possible that only 1 OTP was needed to set up the credit card. Once that is approved, subsequent transactions will not require it. ↡ Advertisement Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In NowRelated Discussions
Related Discussions
Mother of all scams thread
Mother of all scams thread
DBS Paylah
DBS Paylah
Breaking News: DBS customers unable to access bank's digital services
Breaking News: DBS customers unable to access bank's digital services
Sam Bankman-Fried arrested in the Bahamas, likely to be extradited to the US
Sam Bankman-Fried arrested in the Bahamas, likely to be extradited to the US
(spyshots + sound) 2022 Aston V12 Vantage confirmed
(spyshots + sound) 2022 Aston V12 Vantage confirmed
Glitch of double charging for DBS/POSB bank holders
Glitch of double charging for DBS/POSB bank holders
Harsh Dalal REmoved from Forbes list
Harsh Dalal REmoved from Forbes list