Jump to content

OCBC to pay out customers who lost money in recent SMS phishing scam

BabyBlade

By BabyBlade,
in Lite & EZ

 Share

Recommended Posts

BanCoe

BanCoe

Hypersonic
(edited)
1 hour ago, BabyBlade said:

Time to stash money inside my biscuit tin. But if got house fire how ah? 

Keep money in fish tank or toilet bowl 🤣…… or freezer……..

heard of the saying .. Cold hard cash 🤣🤣

Edited by BanCoe
↡ Advertisement
  • Haha! 3
Link to post
Share on other sites
Playtime

Playtime

Twincharged
1 hour ago, BabyBlade said:

Time to stash money inside my biscuit tin. But if got house fire how ah? 

buy crypto and store in a hard wallet. 😉.. but not for everyone of cos

 

  • Shocked 1
Link to post
Share on other sites
Ghgan

Ghgan

5th Gear

The bank could have do much more instead of just pacifying some customer with payout.

The organization should review the customer digital access and make it difficult for scammer to gain access to customer account.

For example:-

1. The bank can learn from the big FAANG which have a system that can detect if the user is using ip address that is from foreign country or different web browser, different smartphone which require further verification for online or digital app transactions.
2. Since the bank can do fast fund transfer or paylah or paynow, they can also implement delay fund transfer (e.g. option to set default delay 2-3 hrs of fund transfer),  this will allow customer time to call the bank to void transfer of fund.
3. Give customer the option to set fund transfer only allow in SG ip addresses or during office hours. If customer want an exception, the customer would be asked for further verification like hint questions that have a pacific answer that only the customer will know the answer.
4. Analyses the customer digital transaction habit, if there is abnormal transactions, the bank need to halt all transactions and verify with the customer.
5. Make it easy for customer to stop all further transaction via hotline or secure web access instead of putting them on hold. This can be easily achievable as most bank have automated credit card fee waiver using automated call flow with their hotline, they just need to program it to allow customer to stop further transaction on customer account.

 

  • Praise 3
  • Haha! 1
Link to post
Share on other sites
DOBIEMKZ

DOBIEMKZ

Turbocharged
2 hours ago, BabyBlade said:

Time to stash money inside my biscuit tin. But if got house fire how ah? 

The modern day biscuit tin for keeping valuables, whether money or documents, is a biscuit tin-size fireproof safe.

  • Haha! 1
Link to post
Share on other sites
Stary

Stary

Turbocharged
4 hours ago, kobayashiGT said:

Good initiative. A real bank should protect our assets. 👍

They didn't mention how much they are paying back......."good will" basis can be any amount ya.....

The news reporter should report that out of that $8.5m loss, how much did OCBC pay back so far.....

Otherwise, this news to me has no meaning. 

  • Praise 2
Link to post
Share on other sites
JanM

JanM

2nd Gear

Maybe next time those applying for online banking access have to declare that they are IT saavy, just like how you have to declare that you have financial knowledge when you want to open up stock trading account.

  • Haha! 1
Link to post
Share on other sites
Invigorated

Invigorated

Supercharged
28 minutes ago, Starry said:

They didn't mention how much they are paying back......."good will" basis can be any amount ya.....

The news reporter should report that out of that $8.5m loss, how much did OCBC pay back so far.....

Otherwise, this news to me has no meaning. 

Well said. I read the headline with a pinch of salt too.

They said goodwill payments made but this could be anything from 0.1-100%. They also did say payments started to be made to some 30 customers but here we are talking about 470 customers or so. So how many more of the 400+ customers to receive payment? I hope they are all covered.

The lapses definitely don't lie entirely on users and I do hope the banks consider the long term damage to their reputation if they fail to address security concerns and the losses of innocent customers adequately.

There are systemic lapses, from how SMS verifications are still being used despite knowledge that they aren't secure from past incidences and worryingly still being used today, to how victims didn't get proper follow up. I can only imagine the anxiety.. 

8.5 million is small change to such a big bank, but it's a whole life of savings for an some of their clients.. I can say that I'm considering closing my OCBC account.

Yes the threats may affect any bank but not every bank will respond the same way to these threats. I was fortunate enough to have credit card companies rejecting foreign transactions that weren't in line with my usual pay patterns. Sadly, the Ocbc system doesn't seem robust enough to notice a sudden surge in fraud activities. 

  • Praise 3
  • Haha! 1
Link to post
Share on other sites
BanCoe

BanCoe

Hypersonic
8 hours ago, Kangadrool said:

Probably covered by liability insurance.

Really ?? unless fault/error  is detected ……. Next time premium will go up 🤣 

  • Haha! 1
Link to post
Share on other sites
Volvobrick

Volvobrick

Supersonic
40 minutes ago, mikk123 said:

OCBC should fire its IT security chief and kick his butt....😂 SIA SUAY!

Many govt organisations have been hacked. So same proposal? 😅

Link to post
Share on other sites
Mustank

Mustank

Hypersonic
10 hours ago, Ghgan said:

The bank could have do much more instead of just pacifying some customer with payout.

The organization should review the customer digital access and make it difficult for scammer to gain access to customer account.

For example:-

1. The bank can learn from the big FAANG which have a system that can detect if the user is using ip address that is from foreign country or different web browser, different smartphone which require further verification for online or digital app transactions.
2. Since the bank can do fast fund transfer or paylah or paynow, they can also implement delay fund transfer (e.g. option to set default delay 2-3 hrs of fund transfer),  this will allow customer time to call the bank to void transfer of fund.
3. Give customer the option to set fund transfer only allow in SG ip addresses or during office hours. If customer want an exception, the customer would be asked for further verification like hint questions that have a pacific answer that only the customer will know the answer.
4. Analyses the customer digital transaction habit, if there is abnormal transactions, the bank need to halt all transactions and verify with the customer.
5. Make it easy for customer to stop all further transaction via hotline or secure web access instead of putting them on hold. This can be easily achievable as most bank have automated credit card fee waiver using automated call flow with their hotline, they just need to program it to allow customer to stop further transaction on customer account.

 

Your one a lot of content 💪

Link to post
Share on other sites
inlinesix

inlinesix

Hypersonic
(edited)
10 hours ago, Kangadrool said:

Probably covered by liability insurance.

Unlikely. Liability insurance settlement usually relies on all sort of investigation.

It will not be that fast.

Edited by inlinesix
Link to post
Share on other sites
BanCoe

BanCoe

Hypersonic
11 hours ago, Ghgan said:

The bank could have do much more instead of just pacifying some customer with payout.

The organization should review the customer digital access and make it difficult for scammer to gain access to customer account.

For example:-

1. The bank can learn from the big FAANG which have a system th

 

for a minute I tot banks must practice snake oil, big time 🤣

OK lah  Facebook, Apple, Amazon, Netflix, Google  trending ..... but FB also gets hacked too quite regularly though they have put barriers and more barriers

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...