I’m not a customer of Maybank. However, I would like to share one of the many scam activity going on targeting every major banks.

Below are the ways how they get your ID and password.

I received an email saying that I need to update my personal details as part of their account maintenance. They even mention about me changing my personal information recently. HELL NO! I did not call the bank, maybe others want to imitate me. By thinking this way, I may give a shot to click the link provided.

After that, proceed to login at FAKE website as shown below.

Type your ID and password together with TAC number that received via SMS mobile.

If you are using Maybank 2U Online all the while, then WHAT THE HELL 2 database server dot com is doing in the email? How on earth maybank may use external database to store information? IT literate customer may know this immediately.

If you see the THANK YOU page. Congrat, you are damn already.

Phisher at this stage already success to get your ID and password. They demand you not the login at the specific time to prevent dual login in different IPs at the same time. Dual login is easy to be detected by the monitoring tools and ID will be block after that.

What so ever, they will perform a valid login on the real banking website and perform fund transfer out to their account before you ever realize it as a scam.

Please DO NOT trust anything that you see fishy. This kind of threat is targeting the non IT savvy and easy to fall into trap. Bank was hitting so badly with phishing activity recently.