Posts: 11,143
Threads: 10
Likes Received: 3,287 in 2,570 posts
Likes Given: 1,117
Seriously I dun think there is such thing as "iron clad" security in the digital realm now or in the future. Users better do their part like if they dun want to have their life savings be wiped out by scammers like just having a separate account with small deposits for digital banking purposes.
Thinking is difficult, that's why most people judge
Carl Jung
Posts: 7,617
Threads: 118
Likes Received: 2,133 in 1,705 posts
Likes Given: 507
(10-06-2023, 12:28 PM)limpeh394 Wrote: the key here is OTP, becos it sit on the SAME device
if the OTP cum from hardware token, then the risks is greatly reduced
Hardware token very troublesome. Have to change when battery runs out. When u need to log in and the hardware token battery runs out .....
Posts: 15,226
Threads: 1,884
Likes Received: 3,518 in 2,662 posts
Likes Given: 10,359
(10-06-2023, 12:24 PM)RichDad Wrote: It is malware, not just clicking on links.
I dont think the banks can do anything if someone takes control of your phone and do transactions if the guy knows your password and have access to otp.
Unless they do away with passwords n need your face or fingerprint to login only. But you blur blur login cos scammer ask you to, then gone case.
Not sure if it possible to disallow remote control of phone. Remote control got to pass thru some gateway right?
Dun think Abdroid os has remote access feature at all
Posts: 2,616
Threads: 428
Likes Received: 785 in 654 posts
Likes Given: 790
(10-06-2023, 12:56 PM)winbig Wrote: Hardware token very troublesome. Have to change when battery runs out. When u need to log in and the hardware token battery runs out .....
lfe saving more impt than troublesome
Posts: 28,304
Threads: 8,469
Likes Received: 4,861 in 3,832 posts
Likes Given: 685
(10-06-2023, 12:24 PM)RichDad Wrote: It is malware, not just clicking on links.
I dont think the banks can do anything if someone takes control of your phone and do transactions if the guy knows your password and have access to otp.
Unless they do away with passwords n need your face or fingerprint to login only. But you blur blur login cos scammer ask you to, then gone case.
Not sure if it possible to disallow remote control of phone. Remote control got to pass thru some gateway right?
If that can happen isn't it caused by banks saving money by getting rid of hardware tokens.
Having all authentication on the device itself is a flaw....security has to be on separate hardware by design
Because banks save money Singaporeans suffer now losing their lifesavings.
The situation with scans and fraud is 100x worse than 20yrs ago...its not right.
A responsible govt will treat this with high priority...
I, being poor, have only my dreams; I have spread my dreams under your feet; Tread softly because you tread on my dreams.
(This post was last modified: 10-06-2023, 01:51 PM by
sgbuffett.)
Posts: 24,753
Threads: 53
Likes Received: 4,568 in 4,112 posts
Likes Given: 1,180
It took you so long to figure out how to post tik tok on sgtalk, are you digitally vulnerable? Have to be very careful when using banking apps
Posts: 8,919
Threads: 1,133
Likes Received: 2,113 in 1,736 posts
Likes Given: 1
mas shld enforce local banks to let customers choose hard token or otp on hp
now we hv no choice
all banks phased out hard token to save money
a choice shld be given for us to choose either not force u to just use hp otp
Posts: 28,304
Threads: 8,469
Likes Received: 4,861 in 3,832 posts
Likes Given: 685
(10-06-2023, 12:56 PM)winbig Wrote: Hardware token very troublesome. Have to change when battery runs out. When u need to log in and the hardware token battery runs out .....
People have progress to rechargeable tokens with one charge going for 5yr.
Putting all security on a single device is extremely flawed.
Once the device is compromised by what ever means be it remote access malware or security flaws your life savings is gone.
Property separation of credentials and authentication process is fundamental to security.
With scan and fraud going up 100 times from 15yrs ago authorities should awake responsibility to adopt practices that work. Like in other countries that require separation for financial banking transactions.
Singapore can become a "cannot " country ....thungs that benefit citizens cannot be done.
I, being poor, have only my dreams; I have spread my dreams under your feet; Tread softly because you tread on my dreams.
(This post was last modified: 10-06-2023, 02:11 PM by
sgbuffett.)
Posts: 11,272
Threads: 10
Likes Received: 3,971 in 3,102 posts
Likes Given: 1,366
They already warned you subtly, you din realized?
DBS - Don't Be Scammed.
Posts: 19,616
Threads: 696
Likes Received: 7,603 in 6,218 posts
Likes Given: 5,923
Those hackers just knock lightly
and DBS door came crashing down
worse than paper
Sack half the Mayors & PAP Ministers
Posts: 4,014
Threads: 2
Likes Received: 704 in 669 posts
Likes Given: 1
The passbook booklet is most secure.
Posts: 15,226
Threads: 1,884
Likes Received: 3,518 in 2,662 posts
Likes Given: 10,359
2fa should be very secure
Besides, there is no such thing as malware taking over control of your phone remotely as your phone is not rooted
And Android os has no remote access capabilities, unlike Windows
Posts: 2,763
Threads: 3
Likes Received: 418 in 373 posts
Likes Given: 187
the fight beween security and hackers will continue.
for us the users, only link 1 account with limited fund enough for a week or month uses or the amount one is willing to loose.
transfer money into this account from other bank account using atm. atm networks are lease line not link to internet. so hackers has no access. unless some banks go link these private networks to internet.
teleco bear the responsibility to provide free singapore only call from sim. allow international connection on a small fee. majority of singapore residents who has mobile do not need to contact overseas. especially elder one.
why for telco commercial need they expose the majority of users to risk of being hack.
i sim that is use for data only, yet there can be call from the group of swindler that call to say you have problem with moh, customs, bank credit card having big suspected transaction amount etc.
telcos are guilty of aiding fraud by allowing connection from these.
Posts: 4,765
Threads: 45
Likes Received: 1,704 in 1,395 posts
Likes Given: 1,258
Overseas, elderly wants to live independently so banks tell them to consolidate accounts for easy management.
In Singapore, we must have multiple/ diversify our bank accounts to confuse ourselves and hackers.
(This post was last modified: 17-06-2023, 08:01 AM by
Wy:Nox.)
Posts: 4,901
Threads: 1,175
Likes Received: 274 in 266 posts
Likes Given: 890
(10-06-2023, 11:45 AM)sgbuffett Wrote: All these cases where someone click or link or install and app after that all their life savings are stolen from their bank accounts through their banking app.
The common reaction is it is that it is the fault of users for clicking unauthorised links.
But if you think about the banking app is supposed to have ironclad security. How can hackers bypass the 2 factor required to get access the money in the account.
How can clicking on links or installing an app result in the app being broken into.
Until now their is no explanation on the security flaws in the banking app exploited hackers and scanmers .
Previously, we were told so long as our 2 factor credentials are not given away the scanners have no way to take our money.
But in recent cases, scammers take control of the phone and still can drain the bank account.
Given the numerous cases of scans that total tens of millions every year shouldn't we bring back the hardware tokens and audit the bank apps to make sure it cannot be broken into.Should we have funds transfer traceability like in other countries so we can reverse fraudulent transactions. Should transfers to overseas be blocked by default. If it is all to local accounts and can be trace we should be able to find culprits. I want to hear what they are going to do not pushing down the blame.
I find it all very disappointing that the authorities and banks are more interested in pushing the blame on consumers than doing something more to prevent scams.
https://www.asiaone.com/singapore/gone-2...-app-phone
https://mothership.sg/2023/06/dim-sum-instagram-scam/
I find it all very disappointing that the authorities and banks are more interested in pushing the blame on consumers than doing something more to prevent scams.
Life saving gone is no jokes. Risks cos globally billions of people were trained in computer. remember years ago, Bangla govt got $80m stolen after few Hopps caught few hackers.impo.
(This post was last modified: 17-06-2023, 08:24 AM by
Rubitin.)
Posts: 7,041
Threads: 1,939
Likes Received: 1,619 in 1,344 posts
Likes Given: 10,939
Notification from bank on any transfer and spending with SMS + either Email, Whatsapp, Wechat......and all online transfer and spending need OTP + Singpass
(This post was last modified: 17-06-2023, 08:34 AM by
CHAOS.)
Posts: 128
Threads: 0
Likes Received: 7 in 7 posts
Likes Given: 0
It's important that the mobile number used for banking isn't shared or used in other apps.
I opt for using temporary numbers for banking 2FAs, and here's why: by using a dedicated, separate number solely for banking purposes, I minimize the risk of exposure to potential security breaches stemming from other apps or services.
I get the temporary phone numbers from a free service. They also have numbers for rent, if you want the number to be available only to you. This is the service
AnonymSMS
(This post was last modified: 16-05-2024, 05:19 PM by
thisishct.)
Users browsing this thread: 1 Guest(s)
![](https://i.imgur.com/CLvY2jA.png")
![[+]](https://sgtalk.net/images/bootbb/collapse_collapsed.png)
