I’m not a customer of CIMB Bank. However, I would like to share one of the many scam activity going on targeting every major banks.

Below are the ways how they get your ID and password.

I received an email saying that I need to update my personal details as requested by the bank for security purpose. A link is provided for me to start. As the process require TAC number, my page will be directing to the REAL banking site to obtain the TAC via mobile phone SMS.

After that, proceed to login at FAKE website as shown below.

Type your ID and password together with TAC number that received via SMS mobile.

For this case, I randomly fill-in and it manage to go through!! (a trick to identify scam site).

Fill in your personal details as requested (fill up the fake information indeed) and SUBMIT for update.

Successful confirmation will display for few seconds before re-directing to CIMB Bank FAQ site.

Done!! You’re done and a big trouble is awaiting for you soon.

As you can see, this kind of phishing will be successful if you key-in everything REAL!!

Your ID and password is submitted to the  third party during on the process above. Your login information is captured and scammer will make a valid login on the real banking website. Without your knowledge, they’re able to transfer out your money from your account at a split of the second.

So, please beware and aware of this kind of threat online. Bank was hitting so badly with phishing activity recently.