If all.money is stolen it may be costly to sue bank to get funds back.
I am requesting to use only security token for OTP and stop using SMS for transactions ....
Banks are not required to compensate you if it happens. They are only doing so this time out of "goodwill". If they refuse to compensate you can't do anything.
Also I find MAS statement disturbing to conclude that bank system is secure when the method of user authentication can be hijacked by fraudsters...doesn't this make it "unsecure"...yes the hacking occurred elsewhere but the bank is using an unsecured mechanism for authentication. So how can MAS conclude that the bank system is secure.
I feel they are making light of this whole thing. Imagine the distress if you wake up one day and all your money with the bank is gone....they should order a block of this ....
Quote:Given the unique circumstances of these cases, banks will provide a goodwill waiver to affected customers who had taken care to protect their credentials.
https://www.mas.gov.sg/news/media-releas...d-payments
Was it reported that a few days ago, Singtel was hacked and all the OTP diverted to hackers who combined the bank details and scam away $$$$$$$.
Yes, security token seems to be much safer.
(19-09-2021, 01:30 PM)Ola Wrote: [ -> ]Was it reported that a few days ago, Singtel was hacked and all the OTP diverted to hackers who combined the bank details and scam away $$$$$$$.
Yes, security token seems to be much safer.
Can you provide link to SingTel hacking? Can't seem to find it.
(19-09-2021, 01:18 PM)sgbuffett Wrote: [ -> ]If all.money is stolen it may be costly to sue bank to get funds back.
I am requesting to use only security token for OTP and stop using SMS for transactions ....
Banks are not required to compensate you if it happens. They are only doing so this time out of "goodwill". If they refuse to compensate you can't do anything.
Also I find MAS statement disturbing to conclude that bank system is secure when the method of user authentication can be hijacked by fraudsters...doesn't this make it "unsecure"...yes the hacking occurred elsewhere but the bank is using an unsecured mechanism for authentication. So how can MAS conclude that the bank system is secure.
I feel they are making light of this whole thing. Imagine the distress if you wake up one day and all your money with the bank is gone....they should order a block of this ....
https://www.mas.gov.sg/news/media-releas...d-payments
From what I understand, the security token already obsolete and no longer can be used. All hv been linked to mobile with a OTP to access transactions. Correct me if i am wrong.
(19-09-2021, 01:30 PM)Ola Wrote: [ -> ]Was it reported that a few days ago, Singtel was hacked and all the OTP diverted to hackers who combined the bank details and scam away $$$$$$$.
Yes, security token seems to be much safer.
I still prefer the small offline HARDWARE security token, but all banks are phasing them out.
For app-based token, I guess it is better to install it onto another (dedicated) phone that one doesn't use to surf web. This will minimise the chance of hackers also hijacking the installed banking app for the OTP.
You shud never link your cards or digital banking to your large accounts. Open an account with balance of around $100k for your cashless spending. So if fraudsters manage to empty it, you lost at most $100k and not a few.millions.....
(19-09-2021, 02:31 PM)sgxin Wrote: [ -> ]I still prefer the small offline HARDWARE security token, but all banks are phasing them out.
For app-based token, I guess it is better to install it onto another (dedicated) phone that one doesn't use to surf web. This will minimise the chance of hackers also hijacking the installed banking app for the OTP.
my suggestions
maybe we add additional x nr of digits and or Y nr of alphabets in front n after the otp only known to the banks(prearranged w the banks) so hackers will not be able to steal
"all the money is gone" ? if you hv set the daily transfer/transaction limits, how could that happen?
(19-09-2021, 03:04 PM)Huliwang Wrote: [ -> ]You shud never link your cards or digital banking to your large accounts. Open an account with balance of around $100k for your cashless spending. So if fraudsters manage to empty it, you lost at most $100k and not a few.millions.....
100k?. ..I was looking at less than 10k.
(19-09-2021, 03:14 PM)hansamu Wrote: [ -> ]100k?. ..I was looking at less than 10k.
That's much better. Mine is more, because I lazy go top up my account so often........
(19-09-2021, 03:19 PM)Huliwang Wrote: [ -> ]That's much better. Mine is more, because I lazy go top up my account so often...
It is because you are a rich man.
Don't have to be so modest.. lol
If I remind the news, it was reported that it is not SingTel or the bank's fault, and they blame on oversea telco.
There wasn't enough details shared to make a logical call if the explanation make sense.
But I fail to see how a oversea telco come into the picture if the registered no to receive OTP is a local number. Maybe some folks here can help to explain.
(19-09-2021, 03:14 PM)WhatDoYouThink? Wrote: [ -> ]"all the money is gone" ? if you hv set the daily transfer/transaction limits, how could that happen?
Don't you know if they have your OTP they can change the limit. Also, credit card/debt...may not have daily limit.
(19-09-2021, 03:34 PM)ArielCasper Wrote: [ -> ]If I remind the news, it was reported that it is not SingTel or the bank's fault, and they blame on oversea telco.
There wasn't enough details shared to make a logical call if the explanation make sense.
But I fail to see how a oversea telco come into the picture if the registered no to receive OTP is a local number. Maybe some folks here can help to explain.
So do not do transaction overseas?
Suspect there could be some insider involved else how to know account is being accessed.
(19-09-2021, 03:14 PM)WhatDoYouThink? Wrote: [ -> ]"all the money is gone" ? if you hv set the daily transfer/transaction limits, how could that happen?
They can also change the limit by transferring the OTP for the change of limit.
(19-09-2021, 03:34 PM)ArielCasper Wrote: [ -> ]If I remind the news, it was reported that it is not SingTel or the bank's fault, and they blame on oversea telco.
There wasn't enough details shared to make a logical call if the explanation make sense.
But I fail to see how a oversea telco come into the picture if the registered no to receive OTP is a local number. Maybe some folks here can help to explain.
It was the morning e- news that reported that Singtel was hacked.
Nothing to do with overseas telco at all. Logically, how many residents here use overseas phone line? NONE, only tourist.
PAP news seems to be trying to cover their backside by changing or removing e- news.
(20-09-2021, 09:57 AM)Ola Wrote: [ -> ]It was the morning e- news that reported that Singtel was hacked.
Nothing to do with overseas telco at all. Logically, how many residents here use overseas phone line? NONE, only tourist.
PAP news seems to be trying to cover their backside by changing or removing e- news.
This is the part that give me the impression about oversea telco..
"They were then able to
receive through the overseas mobile network systems the SMS one-time passwords sent by the banks to the victims."
(19-09-2021, 03:19 PM)Huliwang Wrote: [ -> ]That's much better. Mine is more, because I lazy go top up my account so often........
Rich man.
(19-09-2021, 04:15 PM)Iwatchfirst9 Wrote: [ -> ]So do not do transaction overseas?
Suspect there could be some insider involved else how to know account is being accessed.
Most likely an inside job. I ever used my office computer to do some banking transactions for the first time. On the same day I received an OTP for a transaction that I did not perform. I quickly change my bank password and it never occur again.
Like dat lo.
Chongkong all your money
wat can u do?
Wat you cannot do walking Main street naked is not yours.
That why when Klaus swab was here Chan said cotton came from sheep.
These people surely will in time take all in central control.