Posts: 10,474
Threads: 9
Likes Received: 3,114 in 2,441 posts
Likes Given: 1,063
Seriously I dun think there is such thing as "iron clad" security in the digital realm now or in the future. Users better do their part like if they dun want to have their life savings be wiped out by scammers like just having a separate account with small deposits for digital banking purposes.
Thinking is difficult, that's why most people judge
Carl Jung
Posts: 6,841
Threads: 105
Likes Received: 1,936 in 1,544 posts
Likes Given: 450
(10-06-2023, 12:28 PM)limpeh394 Wrote: the key here is OTP, becos it sit on the SAME device
if the OTP cum from hardware token, then the risks is greatly reduced
Hardware token very troublesome. Have to change when battery runs out. When u need to log in and the hardware token battery runs out .....
Posts: 14,019
Threads: 1,637
Likes Received: 3,355 in 2,528 posts
Likes Given: 9,753
(10-06-2023, 12:24 PM)RichDad Wrote: It is malware, not just clicking on links.
I dont think the banks can do anything if someone takes control of your phone and do transactions if the guy knows your password and have access to otp.
Unless they do away with passwords n need your face or fingerprint to login only. But you blur blur login cos scammer ask you to, then gone case.
Not sure if it possible to disallow remote control of phone. Remote control got to pass thru some gateway right?
Dun think Abdroid os has remote access feature at all
Posts: 2,607
Threads: 426
Likes Received: 784 in 653 posts
Likes Given: 790
(10-06-2023, 12:56 PM)winbig Wrote: Hardware token very troublesome. Have to change when battery runs out. When u need to log in and the hardware token battery runs out .....
lfe saving more impt than troublesome
Posts: 24,653
Threads: 7,101
Likes Received: 4,364 in 3,435 posts
Likes Given: 567
(10-06-2023, 12:24 PM)RichDad Wrote: It is malware, not just clicking on links.
I dont think the banks can do anything if someone takes control of your phone and do transactions if the guy knows your password and have access to otp.
Unless they do away with passwords n need your face or fingerprint to login only. But you blur blur login cos scammer ask you to, then gone case.
Not sure if it possible to disallow remote control of phone. Remote control got to pass thru some gateway right?
If that can happen isn't it caused by banks saving money by getting rid of hardware tokens.
Having all authentication on the device itself is a flaw....security has to be on separate hardware by design
Because banks save money Singaporeans suffer now losing their lifesavings.
The situation with scans and fraud is 100x worse than 20yrs ago...its not right.
A responsible govt will treat this with high priority...
I, being poor, have only my dreams; I have spread my dreams under your feet; Tread softly because you tread on my dreams.
(This post was last modified: 10-06-2023, 01:51 PM by
sgbuffett.)
Posts: 20,597
Threads: 46
Likes Received: 4,114 in 3,723 posts
Likes Given: 1,093
It took you so long to figure out how to post tik tok on sgtalk, are you digitally vulnerable? Have to be very careful when using banking apps
Posts: 7,605
Threads: 970
Likes Received: 1,854 in 1,513 posts
Likes Given: 0
mas shld enforce local banks to let customers choose hard token or otp on hp
now we hv no choice
all banks phased out hard token to save money
a choice shld be given for us to choose either not force u to just use hp otp
Posts: 24,653
Threads: 7,101
Likes Received: 4,364 in 3,435 posts
Likes Given: 567
(10-06-2023, 12:56 PM)winbig Wrote: Hardware token very troublesome. Have to change when battery runs out. When u need to log in and the hardware token battery runs out .....
People have progress to rechargeable tokens with one charge going for 5yr.
Putting all security on a single device is extremely flawed.
Once the device is compromised by what ever means be it remote access malware or security flaws your life savings is gone.
Property separation of credentials and authentication process is fundamental to security.
With scan and fraud going up 100 times from 15yrs ago authorities should awake responsibility to adopt practices that work. Like in other countries that require separation for financial banking transactions.
Singapore can become a "cannot " country ....thungs that benefit citizens cannot be done.
I, being poor, have only my dreams; I have spread my dreams under your feet; Tread softly because you tread on my dreams.
(This post was last modified: 10-06-2023, 02:11 PM by
sgbuffett.)
Posts: 8,507
Threads: 9
Likes Received: 3,006 in 2,335 posts
Likes Given: 1,109
They already warned you subtly, you din realized?
DBS - Don't Be Scammed.
Posts: 15,659
Threads: 561
Likes Received: 6,447 in 5,191 posts
Likes Given: 5,089
Those hackers just knock lightly
and DBS door came crashing down
worse than paper
Why do we need 5 Mayors and 80 PAP Ministers?
Posts: 2,912
Threads: 1
Likes Received: 543 in 517 posts
Likes Given: 1
The passbook booklet is most secure.
Posts: 14,019
Threads: 1,637
Likes Received: 3,355 in 2,528 posts
Likes Given: 9,753
2fa should be very secure
Besides, there is no such thing as malware taking over control of your phone remotely as your phone is not rooted
And Android os has no remote access capabilities, unlike Windows
Posts: 2,034
Threads: 2
Likes Received: 345 in 307 posts
Likes Given: 184
the fight beween security and hackers will continue.
for us the users, only link 1 account with limited fund enough for a week or month uses or the amount one is willing to loose.
transfer money into this account from other bank account using atm. atm networks are lease line not link to internet. so hackers has no access. unless some banks go link these private networks to internet.
teleco bear the responsibility to provide free singapore only call from sim. allow international connection on a small fee. majority of singapore residents who has mobile do not need to contact overseas. especially elder one.
why for telco commercial need they expose the majority of users to risk of being hack.
i sim that is use for data only, yet there can be call from the group of swindler that call to say you have problem with moh, customs, bank credit card having big suspected transaction amount etc.
telcos are guilty of aiding fraud by allowing connection from these.
Posts: 3,621
Threads: 30
Likes Received: 1,297 in 1,054 posts
Likes Given: 1,021
Overseas, elderly wants to live independently so banks tell them to consolidate accounts for easy management.
In Singapore, we must have multiple/ diversify our bank accounts to confuse ourselves and hackers.
(This post was last modified: 17-06-2023, 08:01 AM by
Wy:Nox.)
Posts: 4,407
Threads: 1,005
Likes Received: 264 in 256 posts
Likes Given: 788
(10-06-2023, 11:45 AM)sgbuffett Wrote: All these cases where someone click or link or install and app after that all their life savings are stolen from their bank accounts through their banking app.
The common reaction is it is that it is the fault of users for clicking unauthorised links.
But if you think about the banking app is supposed to have ironclad security. How can hackers bypass the 2 factor required to get access the money in the account.
How can clicking on links or installing an app result in the app being broken into.
Until now their is no explanation on the security flaws in the banking app exploited hackers and scanmers .
Previously, we were told so long as our 2 factor credentials are not given away the scanners have no way to take our money.
But in recent cases, scammers take control of the phone and still can drain the bank account.
Given the numerous cases of scans that total tens of millions every year shouldn't we bring back the hardware tokens and audit the bank apps to make sure it cannot be broken into.Should we have funds transfer traceability like in other countries so we can reverse fraudulent transactions. Should transfers to overseas be blocked by default. If it is all to local accounts and can be trace we should be able to find culprits. I want to hear what they are going to do not pushing down the blame.
I find it all very disappointing that the authorities and banks are more interested in pushing the blame on consumers than doing something more to prevent scams.
https://www.asiaone.com/singapore/gone-2...-app-phone
https://mothership.sg/2023/06/dim-sum-instagram-scam/
I find it all very disappointing that the authorities and banks are more interested in pushing the blame on consumers than doing something more to prevent scams.
Life saving gone is no jokes. Risks cos globally billions of people were trained in computer. remember years ago, Bangla govt got $80m stolen after few Hopps caught few hackers.impo.
(This post was last modified: 17-06-2023, 08:24 AM by
Rubitin.)
Posts: 6,506
Threads: 1,702
Likes Received: 1,543 in 1,281 posts
Likes Given: 10,249
Notification from bank on any transfer and spending with SMS + either Email, Whatsapp, Wechat......and all online transfer and spending need OTP + Singpass
(This post was last modified: 17-06-2023, 08:34 AM by
CHAOS.)
Posts: 78
Threads: 0
Likes Received: 4 in 4 posts
Likes Given: 0
It's important that the mobile number used for banking isn't shared or used in other apps.
I opt for using temporary numbers for banking 2FAs, and here's why: by using a dedicated, separate number solely for banking purposes, I minimize the risk of exposure to potential security breaches stemming from other apps or services.
I get the temporary phone numbers from a free service. They also have numbers for rent, if you want the number to be available only to you. This is the service
AnonymSMS
(This post was last modified: 16-05-2024, 05:19 PM by
thisishct.)
Users browsing this thread: 1 Guest(s)
![](https://i.imgur.com/CLvY2jA.png")
![[+]](https://sgtalk.net/images/bootbb/collapse_collapsed.png)
