{"id":9901,"date":"2026-04-28T10:17:54","date_gmt":"2026-04-28T02:17:54","guid":{"rendered":"https:\/\/www.fmos.org.my\/?p=9901"},"modified":"2026-04-29T15:29:28","modified_gmt":"2026-04-29T07:29:28","slug":"credit-card-scam-weak-customer-verification-process","status":"publish","type":"post","link":"https:\/\/www.fmos.org.my\/bm\/credit-card-scam-weak-customer-verification-process\/","title":{"rendered":"Penipuan kad Kredit - Proses Pengesahan Pelanggan yang Lemah"},"content":{"rendered":"

<\/p>\n\n\n\n

Shane menjadi mangsa penipuan kad kredit di mana peranti mudah alihnya telah dikompromi. Beliau mempertikaikan 25 transaksi kad kredit tanpa kebenaran berjumlah RM23,205 yang telah dilakukan antara 11 hingga 15 Februari 2024.<\/p>\n\n\n\n

Siasatan mendapati bahawa penipu berjaya menyamar sebagai Shane dengan menghubungi pusat panggilan bank. Penipu tersebut bejaya memperoleh kelayakan log masuk sementara perbankan dalam talian selepas melepasi proses pengesahan identiti yang lemah, walaupun memberikan maklumat yang tidak lengkap dan mencurigakan.<\/p>\n\n\n\n

Pada 13 Februari 2024, penipu itu menukar nombor telefon bimbit berdaftar kepada nombor miliknya sendiri dan mengikat peranti mudah alih baharu kepadanya. Ini membolehkan penipu tersebut melaksanakan transaksi tanpa kebenaran pada 14 dan 15 Februari 2024 menggunakan kelulusan token lembut melalui kad kredit yang dikompromi.<\/p>\n\n\n\n

PENEMUAN<\/strong><\/h5>\n\n\n\n

Satu audit terhadap rakaman panggilan mendedahkan kelemahan ketara dalam protokol pengesahan identiti bank. Pemanggil bercakap dengan loghat Melayu yang ketara, yang tidak sepadan dengan pemegang akaun sebenar, dan gagal memberikan maklumat yang tepat mengenai alamat e-mel berdaftar serta butiran akaun.<\/p>\n\n\n\n

Walaupun terdapat percanggahan dan beberapa tanda amaran, kakitangan bank tetap meneruskan proses pengesahan pemanggil dan mengeluarkan kelayakan log masuk sementara. Selain itu, penipu tersebut mendorong kakitangan bank untuk mendedahkan maklumat sensitif, yang merupakan petunjuk klasik penipuan kejuruteraan sosial. Seterusnya, permintaan untuk menukar nombor telefon berdaftar telah diproses tanpa langkah perlindungan yang mencukupi.<\/p>\n\n\n\n

Protokol keselamatan dalaman bank didapati telah dikompromi dengan ketara semasa cubaan penyamaran tersebut, termasuk ketiadaan pengesahan pelbagai faktor (multi-factor authentication) yang kukuh bagi perubahan kritikal seperti pengikatan peranti mudah alih dan kemas kini nombor telefon, serta tahap kesedaran keselamatan yang tidak mencukupi dalam kalangan kakitangan pusat panggilan.<\/p>\n\n\n\n

KEPUTUSAN<\/strong><\/h5>\n\n\n\n

Pengurus kes memutuskan bahawa kerugian kewangan berpunca daripada dua kegagalan yang berbeza.<\/p>\n\n\n\n

Transaksi awal pada 11 Februari 2024 berjumlah RM9,090 disebabkan oleh peranti mudah alih Shane sendiri yang telah digodam, yang menyebabkan kelulusan notifikasi push tanpa kebenaran. Walaubagaimanapun, transaksi berikutnya pada 14 dan 15 Februari 2024 hanya boleh berlaku kerana proses pengesahan bank yang lemah membolehkan penipu mengambil alih akaun tersebut.<\/p>\n\n\n\n

Sehubungan itu, disyorkan bahawa Shane hanya bertanggungjawab ke atas kerugian awal sebanyak RM9,090, manakala bank menanggung baki kerugian sebanyak RM14,115. kedua-dua pihak menerima cadangan tersebut dan kes berjaya diselesaikan.<\/p>\n\n\n\n

<\/p>","protected":false},"excerpt":{"rendered":"

Shane fell victim to a credit card scam in which his mobile device was compromised. He disputed 25 unauthorised credit card transactions totalling RM23,205, performed between 11 and 15 February 2024. The investigation revealed that a fraudster successfully impersonated Shane by contacting the bank\u2019s call centre. The fraudster was able to obtain temporary online banking […]<\/p>","protected":false},"author":4,"featured_media":9923,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[26,25],"tags":[],"class_list":["post-9901","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-banking-islamic-banking-payment-systems","category-case-studies"],"acf":[],"yoast_head":"\nCredit Card Scam - Weak Customer Verification Process - FMOS<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.fmos.org.my\/bm\/credit-card-scam-weak-customer-verification-process\/\" \/>\n<meta property=\"og:locale\" content=\"ms_MY\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Credit Card Scam - Weak Customer Verification Process - FMOS\" \/>\n<meta property=\"og:description\" content=\"Shane fell victim to a credit card scam in which his mobile device was compromised. He disputed 25 unauthorised credit card transactions totalling RM23,205, performed between 11 and 15 February 2024. The investigation revealed that a fraudster successfully impersonated Shane by contacting the bank\u2019s call centre. The fraudster was able to obtain temporary online banking […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.fmos.org.my\/bm\/credit-card-scam-weak-customer-verification-process\/\" \/>\n<meta property=\"og:site_name\" content=\"FMOS\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-28T02:17:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-29T07:29:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/AR-Case-Studies-01.png\" \/>\n\t<meta property=\"og:image:width\" content=\"500\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"commsadmin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"commsadmin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minit\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/\"},\"author\":{\"name\":\"commsadmin\",\"@id\":\"https:\/\/www.fmos.org.my\/en\/#\/schema\/person\/8fbea4ebb5130d485f32d0731efd4689\"},\"headline\":\"Credit Card Scam – Weak Customer Verification Process\",\"datePublished\":\"2026-04-28T02:17:54+00:00\",\"dateModified\":\"2026-04-29T07:29:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/\"},\"wordCount\":352,\"publisher\":{\"@id\":\"https:\/\/www.fmos.org.my\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/AR-Case-Studies-01.png\",\"articleSection\":[\"Banking, islamic banking & payment systems\",\"Case Studies\"],\"inLanguage\":\"ms-MY\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/\",\"url\":\"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/\",\"name\":\"Credit Card Scam - Weak Customer Verification Process - FMOS\",\"isPartOf\":{\"@id\":\"https:\/\/www.fmos.org.my\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/AR-Case-Studies-01.png\",\"datePublished\":\"2026-04-28T02:17:54+00:00\",\"dateModified\":\"2026-04-29T07:29:28+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#breadcrumb\"},\"inLanguage\":\"ms-MY\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"ms-MY\",\"@id\":\"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#primaryimage\",\"url\":\"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/AR-Case-Studies-01.png\",\"contentUrl\":\"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/AR-Case-Studies-01.png\",\"width\":500,\"height\":500},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.fmos.org.my\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Credit Card Scam – Weak Customer Verification Process\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.fmos.org.my\/en\/#website\",\"url\":\"https:\/\/www.fmos.org.my\/en\/\",\"name\":\"FMOS\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.fmos.org.my\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.fmos.org.my\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"ms-MY\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.fmos.org.my\/en\/#organization\",\"name\":\"FMOS\",\"alternateName\":\"Financial Markets Ombudsman Services\",\"url\":\"https:\/\/www.fmos.org.my\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ms-MY\",\"@id\":\"https:\/\/www.fmos.org.my\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/FMOS_hori-logo_fullcolor-Custom.png\",\"contentUrl\":\"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/FMOS_hori-logo_fullcolor-Custom.png\",\"width\":262,\"height\":50,\"caption\":\"FMOS\"},\"image\":{\"@id\":\"https:\/\/www.fmos.org.my\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.fmos.org.my\/en\/#\/schema\/person\/8fbea4ebb5130d485f32d0731efd4689\",\"name\":\"commsadmin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ms-MY\",\"@id\":\"https:\/\/www.fmos.org.my\/en\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/a05f4bcfd9343a8f8d132e42c78c8681f5478a61135065e2d36ad22020b81651?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/a05f4bcfd9343a8f8d132e42c78c8681f5478a61135065e2d36ad22020b81651?s=96&d=mm&r=g\",\"caption\":\"commsadmin\"},\"url\":\"https:\/\/www.fmos.org.my\/bm\/author\/commsadmin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Credit Card Scam - Weak Customer Verification Process - FMOS","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.fmos.org.my\/bm\/credit-card-scam-weak-customer-verification-process\/","og_locale":"ms_MY","og_type":"article","og_title":"Credit Card Scam - Weak Customer Verification Process - FMOS","og_description":"Shane fell victim to a credit card scam in which his mobile device was compromised. He disputed 25 unauthorised credit card transactions totalling RM23,205, performed between 11 and 15 February 2024. The investigation revealed that a fraudster successfully impersonated Shane by contacting the bank\u2019s call centre. The fraudster was able to obtain temporary online banking […]","og_url":"https:\/\/www.fmos.org.my\/bm\/credit-card-scam-weak-customer-verification-process\/","og_site_name":"FMOS","article_published_time":"2026-04-28T02:17:54+00:00","article_modified_time":"2026-04-29T07:29:28+00:00","og_image":[{"width":500,"height":500,"url":"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/AR-Case-Studies-01.png","type":"image\/png"}],"author":"commsadmin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"commsadmin","Est. reading time":"2 minit"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#article","isPartOf":{"@id":"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/"},"author":{"name":"commsadmin","@id":"https:\/\/www.fmos.org.my\/en\/#\/schema\/person\/8fbea4ebb5130d485f32d0731efd4689"},"headline":"Credit Card Scam – Weak Customer Verification Process","datePublished":"2026-04-28T02:17:54+00:00","dateModified":"2026-04-29T07:29:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/"},"wordCount":352,"publisher":{"@id":"https:\/\/www.fmos.org.my\/en\/#organization"},"image":{"@id":"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#primaryimage"},"thumbnailUrl":"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/AR-Case-Studies-01.png","articleSection":["Banking, islamic banking & payment systems","Case Studies"],"inLanguage":"ms-MY"},{"@type":"WebPage","@id":"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/","url":"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/","name":"Credit Card Scam - Weak Customer Verification Process - FMOS","isPartOf":{"@id":"https:\/\/www.fmos.org.my\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#primaryimage"},"image":{"@id":"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#primaryimage"},"thumbnailUrl":"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/AR-Case-Studies-01.png","datePublished":"2026-04-28T02:17:54+00:00","dateModified":"2026-04-29T07:29:28+00:00","breadcrumb":{"@id":"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#breadcrumb"},"inLanguage":"ms-MY","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/"]}]},{"@type":"ImageObject","inLanguage":"ms-MY","@id":"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#primaryimage","url":"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/AR-Case-Studies-01.png","contentUrl":"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/AR-Case-Studies-01.png","width":500,"height":500},{"@type":"BreadcrumbList","@id":"https:\/\/www.fmos.org.my\/credit-card-scam-weak-customer-verification-process\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.fmos.org.my\/en\/"},{"@type":"ListItem","position":2,"name":"Credit Card Scam – Weak Customer Verification Process"}]},{"@type":"WebSite","@id":"https:\/\/www.fmos.org.my\/en\/#website","url":"https:\/\/www.fmos.org.my\/en\/","name":"FMOS","description":"","publisher":{"@id":"https:\/\/www.fmos.org.my\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.fmos.org.my\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ms-MY"},{"@type":"Organization","@id":"https:\/\/www.fmos.org.my\/en\/#organization","name":"FMOS","alternateName":"Financial Markets Ombudsman Services","url":"https:\/\/www.fmos.org.my\/en\/","logo":{"@type":"ImageObject","inLanguage":"ms-MY","@id":"https:\/\/www.fmos.org.my\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/FMOS_hori-logo_fullcolor-Custom.png","contentUrl":"https:\/\/www.fmos.org.my\/wp-content\/uploads\/2026\/04\/FMOS_hori-logo_fullcolor-Custom.png","width":262,"height":50,"caption":"FMOS"},"image":{"@id":"https:\/\/www.fmos.org.my\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.fmos.org.my\/en\/#\/schema\/person\/8fbea4ebb5130d485f32d0731efd4689","name":"commsadmin","image":{"@type":"ImageObject","inLanguage":"ms-MY","@id":"https:\/\/www.fmos.org.my\/en\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/a05f4bcfd9343a8f8d132e42c78c8681f5478a61135065e2d36ad22020b81651?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a05f4bcfd9343a8f8d132e42c78c8681f5478a61135065e2d36ad22020b81651?s=96&d=mm&r=g","caption":"commsadmin"},"url":"https:\/\/www.fmos.org.my\/bm\/author\/commsadmin\/"}]}},"_links":{"self":[{"href":"https:\/\/www.fmos.org.my\/bm\/wp-json\/wp\/v2\/posts\/9901","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.fmos.org.my\/bm\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fmos.org.my\/bm\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fmos.org.my\/bm\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fmos.org.my\/bm\/wp-json\/wp\/v2\/comments?post=9901"}],"version-history":[{"count":2,"href":"https:\/\/www.fmos.org.my\/bm\/wp-json\/wp\/v2\/posts\/9901\/revisions"}],"predecessor-version":[{"id":10026,"href":"https:\/\/www.fmos.org.my\/bm\/wp-json\/wp\/v2\/posts\/9901\/revisions\/10026"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.fmos.org.my\/bm\/wp-json\/wp\/v2\/media\/9923"}],"wp:attachment":[{"href":"https:\/\/www.fmos.org.my\/bm\/wp-json\/wp\/v2\/media?parent=9901"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fmos.org.my\/bm\/wp-json\/wp\/v2\/categories?post=9901"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fmos.org.my\/bm\/wp-json\/wp\/v2\/tags?post=9901"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}