SCAM … SCAM ALERT! Please DO NOT trust or give a look at this kind of email. Bank never (and never) send such email to customer AT ALL.

Sample email from scammer

There’s NO WAY online banking identification can be verified using TAC code. TAC code is used to perform transaction and any update on your banking profile. Not used for verification. Please take note.

It has been long time since I wrote my scam mail that hitting our financial industry especially for those come from email. Again, I’m not a customer of Maybank but I would like to stress the important of awareness of such threat to us. It shouldn’t taken lightly because there were million of ringgit went to this syndicate yearly and most of the time the person who suffered from this is still customer.

Below email sample was how scammer scam your login information and steal your money:

Statement 1

Asking you and direct you to the REAL Maybank website to request for TAC code.

Statement 2

You receive VALID and real TAC code send to your mobile phone.

Statement 3

THE MOST DUMB PART. They asked you to go to their WHAT SO CALLED secured server (their scam server) to submit username, password and TAC code.

Statement 4

After they get your DUMB submission, they thanks you for complying their instruction

What do you feel if you completed all 4 steps without any realization that you HAVE BEEN CONNED? You even allow them to trick all your money out in 48 hours without suspect anything. So you’re FOOLED.

Scammer are using a very obvious way to get your login ID, password and TAC. Without TAC, they’re unable to do anything even with login ID and password (they’re only able to view your account). Therefore, to completely exploit your foolishness, they want to get your TAC and  how they robbed you in daylight. Go to bank asking for verification code. Give me your ID, password and verification code so I could do something to your account.

HEY, wake up please. This is no way they could use this to gain complete power on your account right? No one even bank employee would ask such this way and BANK NEVER ASK FOR LOGIN INFORMATION because bank itself also do not have access to the information as it WAS ENCRYPTED totally.

Okay, let’s see the weakness point of scammer who try to scam you in their way.

Sentence 1 – “Login into Maybank account. Click here”

Comment: Why should I click here? I got a website save in my Favorite list right. I rather go from there.

Sentence 2 – “You must request TAC via Maybank online banking … your TAC will be send to your phone … you can find TAC button down there”

Comment: It doesn’t have to be so clear right? Why I must to get TAC in the first place? Are you worry if I don’t know, I’ll just ignore your email? If you guide me till so details step, that’s mean you’re VERY HUNGER for my TAC, am I right?

Sentence 3 – “Logout from your account and close the browser”

Comment: Why you want to ensure I close the browser? Is it because of the real one and you want me to open your FAKE one?

Sentence 4 – “When you received TAC, go to our secured server verification server and submit information … click here to go on our secured server.

Comment: Why you have to mention twice to go to your secured server? Are you afraid we went to REAL website instead to your so called SECURED SERVER? Your sentence also broken when you mentioned twice, showing bank never had so low quality of sentence written.

Subsequent sentences show a weak grammars and very unlikely bank would use such weak sentences.

Remember, with this combination username, password and TAC given to the source asking for, and you’re DONE. Say goodbye to your money.

So, please be aware of such PHISHY request that NEVER happened come from a bank. REMEMBER this point…okay!