It goes without saying that the internet has become the main medium for transferring information and files on a global scale. However, because of the connected nature of the world, it has also become the fastest and easiest way of transferring malware.
From harmful software that locks you from your precious files to elaborate spyware that watches and collects data about you (and perhaps even your loved ones), these malware can easily disrupt your way of life and cause financial losses if you aren’t careful.
However, that doesn’t mean fighting these unseen threats is impossible! Figuring out if a certain programme or link contains malware is the first step to keeping you and your loved ones safe.
How does malware work?
For those who are unaware, malware is an umbrella term for harmful software that is often capable of capturing a victim’s user ID, password, TAC and other sensitive data, oftentimes doing so silently in the background. In order to gain access to your device, it will often employ various techniques, such as posing as pop-ups or even SMS, in order to trick you into installing suspicious apps.
Whichever the vector, the end result is you will be presented with a malicious link. If you hit this link, it can immediately install malware into your device and start stealing any relevant information. From there, the hacker may also get full control of your device. The only way to be sure your device isn’t compromised is to perform routine anti-virus and anti-malware scans across all your devices and start isolating any affected devices.
Safeguarding against hackers: what to look out for?
“Prevention is better than cure” is a phrase that also aptly applies when it comes to dealing with malware. With that, it goes without saying that you shouldn’t open any random links being sent through SMS or any messaging services. If these messages start promising something that is too good to be true, it most likely is. Same goes for any unknown or suspicious links sent by people you know; you never know if these people were also hacked and have been used to spread the malware further.
There are some instances where scammers posing as bank staff would ask for OTP and SecureTAC — banks will never ask for this, nor should you ever share these with anyone — so be sure to immediately cut any communications. Do not interact with any TAC or OTP number you did not initiate either, as these may be from scammers hoping to gain access to your account.
Public WiFi is also another hazard, as you do not know what else is connected to them. Until you have a safe and secure connection, abstain from keying in banking info or performing transactions. Same goes for Bluetooth; be sure to turn it off when it is not in use. Doing so prevents any eavesdroppers from intercepting crucial transactions or installing various malware on your personal devices.
Similarly, public computers are also extremely risky, as there is the possibility that they might have already been compromised by malware. Avoid connecting any device to these computers, such as phones or even USB sticks, and most importantly, do not save any login details or the like on these computers.
Better safe than sorry
Be sure to routinely run reputable antivirus programmes on your device, and be sure said devices’ operating systems are up-to-date, as both of these methods can prevent the spread of malware. Be sure to regularly change passwords to any important accounts to deny any hacker attempts.
Handheld devices are also at risk, so be sure to take the necessary precautions. Many do not know this, but URLs on mobiles often appear differently from desktops; take a moment to verify if it is legitimate or not. Speaking of legitimate, make sure that the apps you are downloading are only from the official app stores to avoid any bootleg software that can be malware in disguise. Once these apps are installed, ensure that permissions for all apps on your device are limited to strictly what is needed.
Compromised: what to do when you get scammed?
Sometimes, all it takes is a little slip in order for hackers to gain access to your bank account. But fret not, there are still things you can do to regain control of your account. First and foremost, immediately report and notify the bank of the fraudulent activity so that they may take the necessary actions to prevent further transactions. You can also take this opportunity to request the bank to deactivate your card or temporarily freeze your account. Coordinate with the proper personnel and ensure that the mobile device in your banking app is accurate. And of course, immediately change your passwords.
Specifically for CIMB Bank, there is the “Lock Clicks ID,” a self-service feature which acts as a ‘kill switch’ for CIMB OCTO App. This feature allows users to immediately freeze their online banking ID (“CIMB Clicks ID”) in-app if they detect any unusual or suspicious transactions or suspect that their account has been compromised. Once Lock Clicks ID is activated, users will be automatically logged out of CIMB OCTO App. Once a CIMB Clicks ID is locked, users will not be able to log in and any new outgoing transactions cannot be performed. This feature is one of the enhanced anti-scam measures that CIMB implemented in line with Bank Negara Malaysia’s standards for adding additional measures to strengthen banking security.
Users can quickly activate the Lock Clicks ID feature on CIMB OCTO App with these simple steps:
- Log into the CIMB OCTO App with your password
- Navigate to ‘Services’ > refer to ‘Clicks Profile’ > tap on ‘Lock Clicks ID’ > Tap ‘Proceed’
- Tap ‘Approve’ on the SecureTAC approval page > Tap on ‘Done’
Upon activation, users will receive a Post Transaction Alert notification confirming that their CIMB Clicks ID is locked. In order to unlock it, users will be required to contact CIMB’s Consumer Contact Centre and perform the necessary verification. Customers will then be able to access their CIMB OCTO App using their existing credentials. Customers are also advised to change their password after unlocking their CIMB Clicks ID.
Scammers are always finding new ways to breach your security, and users are responsible to keep their information safe. The best way to stay a step ahead of them is to always stay informed. When it comes to security, you’re in charge.
If you think you’ve been scammed, immediately call the number on the back of your CIMB card which is available for 24 hours, or the National Scam Response Centre at 997, from 8am-8pm daily. Be sure to file a policy report as soon as possible. To learn more about CIMB’s security measures, please visit www.cimb.com.my/sec.
This article is brought to you by CIMB
Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news.
