Top cyber security expert Dan discuss how OCBC customers got scammed... - Printable Version
+- SG Talk (https://sgtalk.net)
+-- Forum: SG Talk (https://sgtalk.net/Forum-SG-Talk)
+--- Forum: Market Talk (https://sgtalk.net/Forum-Market-Talk)
+--- Thread: Top cyber security expert Dan discuss how OCBC customers got scammed... (/Thread-Top-cyber-security-expert-Dan-discuss-how-OCBC-customers-got-scammed)
+- SG Talk (https://sgtalk.net)
+-- Forum: SG Talk (https://sgtalk.net/Forum-SG-Talk)
+--- Forum: Market Talk (https://sgtalk.net/Forum-Market-Talk)
+--- Thread: Top cyber security expert Dan discuss how OCBC customers got scammed... (/Thread-Top-cyber-security-expert-Dan-discuss-how-OCBC-customers-got-scammed)
Top cyber security expert Dan discuss how OCBC customers got scammed... - BigBossX - 13-01-2022
RE: Top cyber security expert Dan discuss how OCBC customers got scammed... - BigBossX - 13-01-2022
Another expert.
RE: Top cyber security expert Dan discuss how OCBC customers got scammed... - BigBossX - 13-01-2022
Yet another expert
RE: Top cyber security expert Dan discuss how OCBC customers got scammed... - sgbuffett - 13-01-2022
Among the 3 only one that knows something more is Mr. Brown:
1. Hackers fake links to collect login credentials. They know that login password is often same as ATM PIN.
2. They used a feature in OCBC system that allows you to move digital token to another device
3. They were able to send using official sms chain from the bank.
4. They were also able to delay SMS when money was transferred out so customers did not know their money was stolen.
RE: Top cyber security expert Dan discuss how OCBC customers got scammed... - YummyKing - 13-01-2022
The whole problem is sitting around doing nothing. None of their MP bother to ask what is the garmen going to do or suggest to do? Yo mean with the top brains in It, they cannot think of something? I wonder why telecom cannot trace the mobile numbers? Overseas ones don’t say. But nowadays so many from Singapore... you cannot trace? You buy phone card, you got to give personal details. What the use of doing this?
I say impose death penalty for scammers la! Even cannot catch, will scare the hell out of them! Shanmu is a lost minister when come to this. He will act only if some you know who cannot abused.
RE: Top cyber security expert Dan discuss how OCBC customers got scammed... - sgbuffett - 13-01-2022
(13-01-2022, 08:52 AM)YummyKing Wrote: The whole problem is sitting around doing nothing. None of their MP bother to ask what is the garmen going to do or suggest to do? Yo mean with the top brains in It, they cannot think of something? I wonder why telecom cannot trace the mobile numbers? Overseas ones don’t say. But nowadays so many from Singapore... you cannot trace? You buy phone card, you got to give personal details. What the use of doing this?
I say impose death penalty for scammers la! Even cannot catch, will scare the hell out of them! Shanmu is a lost minister when come to this. He will act only if some you know who cannot abused.
They are only good at catching WP and PSP over small.things ...other than that they depend on cyber experts.
RE: Top cyber security expert Dan discuss how OCBC customers got scammed... - Sticw - 13-01-2022
In my opinion OCBC and Telco system failure is the key. Had the sms system worked without a delayed sms to user, the scam transfer would have halted.
Also, we are talking about accounts that likely don't see huge inflow or outflow suddenly switching out all funds, surely that sets alarm for anyone who has an oversight of the flows..
RE: Top cyber security expert Dan discuss how OCBC customers got scammed... - Sharexchange - 13-01-2022
Singapore got experts meh? Only foreigners are experts in every field here.
RE: Top cyber security expert Dan discuss how OCBC customers got scammed... - Huliwang - 13-01-2022
(13-01-2022, 09:12 AM)Sticw Wrote: In my opinion OCBC and Telco system failure is the key. Had the sms system worked without a delayed sms to user, the scam transfer would have halted.
Also, we are talking about accounts that likely don't see huge inflow or outflow suddenly switching out all funds, surely that sets alarm for anyone who has an oversight of the flows..
If that is the case, then I think PAP shud step in and hold the Bank and Telco responsible and make them compensate the victims on a 50-50 basis or hold a COP to apportion percentage of responsibility. ....
RE: Top cyber security expert Dan discuss how OCBC customers got scammed... - starbugs - 13-01-2022
You know who is the papaya minister in charge of cybersecurity?
Really ROFL when you know who she is and her credentials in cybersecurity.
RE: Top cyber security expert Dan discuss how OCBC customers got scammed... - sgbuffett - 13-01-2022
(13-01-2022, 09:20 AM)Huliwang Wrote: If that is the case, then I think PAP shud step in and hold the Bank and Telco responsible and make them compensate the victims on a 50-50 basis or hold a COP to apportion percentage of responsibility. ....
Customers should be compensated 100% for following.
1. Scammers made use of OCBC banking features to carry out the scam- movement of digital token to another device
2. The sms came in via the same chain as official OCBC sms.
3. Delay of sms notification exploits flaws in OCBC -telecom interface system.
Customers are not responsible for above.
The sms based cyber attacks were reveal already in various cyber conferences but no fixed was made.
My conclusion is the system is designed not to protect against some of the low probability attacks leaving Customers vulnerable. Either this or they were not even aware.
RE: Top cyber security expert Dan discuss how OCBC customers got scammed... - A2Z - 13-01-2022
Absolutely agree that all customers must be 100% reimbursed not their fault. Why Mas so silent?
RE: Top cyber security expert Dan discuss how OCBC customers got scammed... - ArielCasper - 13-01-2022
The funny thing is OCBC is the only bank that allow you to login via Singpass as an alternative, which I thought is a good idea since you don't need to remember your login ID and password..
If someone wish to compromised their Singpass logic, then they are tons of other info that are affected..
Some might think too risky to rely on Singpass , but my take about security is it is only as good as how serious user take it.. If they hack care about security, there is nothing that can be done to minimize that risk.