Top Programmer Kelvin explains how OCBC phishing scam was done
#1


I, being poor, have only my dreams; I have spread my dreams under your feet; Tread softly because you tread on my dreams.
[+] 2 users Like sgbuffett's post
Reply
#2

How you came to the conclusion that he's a top programmer?
Reply
#3

physical tokens are much more reliable.
Reply
#4

Then sgtalk.net how? Only two parts need check to be sure you are on the right website. One is SGTALK and two is .NET. Once these two are there then you can be assured that is the correct sgtalk.

Same for banks... make sure OCBC or DBS or UOB and that .COM is there..... Big Grin

 Thinking is difficult, that's why most people judge
                    Carl Jung
Reply
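
The domain check described in post #4, as an added example that is not part of any post in this thread: a Python comparison of the "name and TLD are present" rule against an exact match on the parsed hostname. The trusted-host list and every `.example` link are constructed for illustration, and requiring https is an assumption of this sketch.

```python
from urllib.parse import urlsplit

# Assumption: hosts the reader trusts. sgtalk.net is the site named in the
# post; for a bank, use the hostnames it publishes, typed in by hand.
TRUSTED_HOSTS = {"sgtalk.net", "www.sgtalk.net"}

# Constructed sample links; every ".example" host is made up for this demo.
SAMPLE_URLS = [
    "https://sgtalk.net/thread-1.html",
    "https://sgtalk.net.account-verify.example/login",
    "https://login.example/sgtalk.net/index.html",
    "https://sgtalk.net@login.example/",
    "http://sgtalk.net/thread-1.html",
]


def naive_check(url: str) -> bool:
    """Rule from the post: the site name and the TLD both appear in the link."""
    lowered = url.lower()
    return "sgtalk" in lowered and ".net" in lowered


def strict_check(url: str) -> bool:
    """Accept only an https link whose parsed hostname is exactly a trusted host."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:  # malformed authority, e.g. a broken IPv6 literal
        return False
    if parts.scheme != "https":
        return False
    if parts.username is not None or parts.password is not None:
        return False  # text before "@" is userinfo, not the site being visited
    host = (parts.hostname or "").rstrip(".").lower()
    return host in TRUSTED_HOSTS


def compare(urls):
    """Return {url: (naive_result, strict_result)} for each link."""
    return {u: (naive_check(u), strict_check(u)) for u in urls}


if __name__ == "__main__":
    for url, (naive, strict) in compare(SAMPLE_URLS).items():
        print(f"naive={naive!s:5} strict={strict!s:5} {url}")
```

Only the first sample passes both checks; the other four satisfy the substring rule while pointing at a different host or an unencrypted scheme.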
#5

At least the banning of alphanumeric sender ID is a constructive suggestion.. Authorities should consider that.

From what this guy says, using a software token (i.e. the banking app on your mobile phone) instead of OTP is something that you can do to minimize being scammed. So guys, to protect your money, do start doing it.

1. I have served the nation in a combat unit for 2.5 + 10 years. I had fulfilled my duty as a citizen, but has the country done its part for me?
2. I don't know where the threat of CCP is, but I know the threat of CECA is already at my doorsteps
3. I had been called a CCP, JHK, Pinoy, but they never called me a CECA..
Reply
#6

Digital token can work, cos you can have sms sent as a 2nd key and then a mandatory face recognition live authentication.

But we are not seeing the use of facial recognition as another layer of security, at least not prevailing in SG.
Reply
#7

(18-01-2022, 08:20 AM)sgbuffett Wrote:  

I don't know why he explains so much; I know he is trying to explain how people send fake SMS etc.



SUMMARY: YOU just DON'T CLICK ANY LINK SENT FROM ANOTHER AUTHORITY, EVEN FROM THE SO-CALLED GOV, EVEN IF IT IS REAL. LET'S SAY you just purchased something or sent a payment and a DBS message comes in: got link or don't have, JUST DON'T CLICK, simple as that. Want to check, go to the official site to check.

IF YOU WANT TO CHECK AND CLICK, JUST GO TO THEIR REAL SITE AND FIND OUT WHAT HAPPENED.

SIMPLE AS THAT.
Reply
#8

face, fingerprint, iris and uvea, as long as they can be digitised as images, all can be faked.

recently there's a case where a guy lifted his gf eyelid to take her iris photo to steal her money right?
Reply
#9

many talented sinkies .
Reply
#10

many gov portal like

moh still send link

to declare ....
Reply
#11

Kelvin's video clip is very informative, but a bit too cheem and too fast paced for me........
Reply
#12

Even after Kelvin's explanation, I still don't know how these OCBC customers lose total control of their acct even after giving their login and pin pwd..

You see, if they hv been phished and after they gave their credentials away, the fake website must return with a response to them right?

If the response is not what they expect, then they can immediately go to their app or website and login again to change their login and pwd, right?

Instead, they sit on it and do the next stupig thing and that is to call the hotline

Give up
Reply
#13

Even a young programmer knows so much of how and where the loopholes are. Yet nothing can be done to shut the loophole?  Thinking
Reply
#14

(18-01-2022, 03:09 PM)Sentinel Wrote:  Even after Kelvin's explanation, I still don't know how these OCBC customers lose total control of their acct even after giving their login and pin pwd..

You see, if they hv been phished and after they gave their credentials away, the fake website must return with a response to them right?

If the response is not what they expect, then they can immediately go to their app or website and login again to change their login and pwd, right?

Instead, they sit on it and do the next stupig thing and that is to call the hotline

Give up

Agreed, we don't have the full picture. To answer your part on quickly changing the password: since they already have your login and password, they can also change the password before you can do so.

Anyway, wait for the official findings. Meanwhile, don't click any link in SMS to be safe.

Reply
#15

(18-01-2022, 04:35 PM)ArielCasper Wrote:  Agreed, we don't have the full picture. To answer your part on quickly changing the password: since they already have your login and password, they can also change the password before you can do so.

Anyway, wait for the official findings. Meanwhile, don't click any link in SMS to be safe.
There is no way the scammer can be quicker than you
Reply
#16

our institutes of higher learning and govt organizations hv many experts how cum no help?
Reply
#17

(18-01-2022, 04:39 PM)Sentinel Wrote:  There is no way the scammer can be quicker than you

Why not? The fake website make u key in the login password twice to confirm they got the correct credentials. The 3rd time you try, they would already be logging in to the real website if they want to.

Reply
#18

(18-01-2022, 04:45 PM)ArielCasper Wrote:  Why not? The fake website make u key in the login password twice to confirm they got the correct credentials. The 3rd time you try, they would already be logging in to the real website if they want to.
Use your fking brain a bit can or not?
The scammer has to configure the OTP to another phone, etc before able to scam and even if you gave them the login OTP, they will still need to configure for the next OTP to their phone, or download the app  install and change phone number, etc

Whereas you just need to login and change your pwd and login id 


You tell me who is faster?
Reply
#19

I received the scam sms from OCBC but did not click on the link because it looks exactly like the DBS scam, except it is in sms form and not the scammer calling me personally using his WhatsApp line.

I asked the scammer which account was being locked and he couldn't give me the number.

For the sms, no mention of which account(I have many) is being locked. So I deduced that they are of similar type of scam.

But I have to say OCBC has very lax internal control. Once, I received a letter that said Paynow is linked to my account which I did not apply for. Went to the bank the next morning and complained.
Reply
#20

(18-01-2022, 06:21 PM)Clyde Wrote:  I received the scam sms from OCBC  but did not click on the link because it looks exactly like the DBS scam, except it is in sms form and not the scammer calling me personally using his WhatsApp line.

I asked the scammer which account was being locked and he couldn't give me the number.

For the sms, no mention of which account(I have many) is being locked. So I deduced that they are of similar type of scam.

But I have to say OCBC has very lax internal control. Once, I received a letter that said Paynow is linked to my account which I did not apply for. Went to the bank the next morning and complained.

How come when you did not apply for Paynow, OCBC send you a letter to say you applied for it.  This is very mysterious ......
Reply
#21

(18-01-2022, 05:37 PM)Sentinel Wrote:  Use your fking brain a bit can or not?
The scammer has to configure the OTP to another phone, etc before able to scam and even if you gave them the login OTP, they will still need to configure for the next OTP to their phone, or download the app  install and change phone number, etc

Whereas you just need to login and change your pwd and login id 


You tell me who is faster?
Use your fking brain can or not.. If they are pro scammer, you think they don't have all those means and skills to do that fast..

You don't have the skills doesn't mean that the scammers are having the same fking brain as you..

So, telling your fking brain, scammer faster..

Reply
#22

(18-01-2022, 08:40 PM)ArielCasper Wrote:  Use your fking brain can or not.. If they are pro scammer, you think they don't have all those means and skills to do that fast..

You don't have the skills doesn't mean that the scammers are having the same fking brain as you..

So, telling your fking brain, scammer faster..

There really is no fking cure for your type of stupigity

Grasping on last straw

*Shake head*
Reply
#23

(18-01-2022, 09:22 PM)Sentinel Wrote:  There really is no fking cure for your type of stupigity

Grasping on last straw

*Shake head*

I am your cure to your fking stupigity!!

*Shake head twice*

Reply
#24

Better cancel all internet banking accounts!
Reply
#25

(19-01-2022, 02:34 PM)ArielCasper Wrote:  I am your cure to your fking stupigity!!

*Shake head twice*

Dumbass, always miss the pt, dun know why u still alive, your type needs to be culled

*Give up*
Reply
#26

(18-01-2022, 03:09 PM)Sentinel Wrote:  Even after Kelvin's explanation, I still don't know how these OCBC customers lose total control of their acct even after giving their login and pin pwd..

You see, if they hv been phished and after they gave their credentials away, the fake website must return with a response to them right?

If the response is not what they expect, then they can immediately go to their app or website and login again to change their login and pwd, right?

Instead, they sit on it and do the next stupig thing and that is to call the hotline

Give up

They will not realise so fast. The speed of emptying the account must be near maximum speed.
Reply
#27

(19-01-2022, 04:11 PM)dynamite Wrote:  They will not realise so fast. The speed of emptying the account must be near maximum speed.
Obviously if you dont realize you were scammed, this is a mental alertness issue
Reply
#28

(19-01-2022, 03:54 PM)Sentinel Wrote:  Dumbass, always miss the pt, dun know why u still alive, your type needs to be culled

*Give up*
Dumbass keep saying people missed his pt when he keep missing people's point..

Don't know why he is still alive and need to be cull.. That I definitely agree..

Reply
#29

i suspect is inside work
[+] 1 user Likes Talent's post
Reply
#30

(19-01-2022, 03:01 PM)cityhantam Wrote:  Better cancel all internet banking accounts!

but some acc no statement passbook

u can't be so free to check at bank or atm
uob passbook always got update problem
Reply

