Phishing Scam

Phishing scam is a type of social engineering attack where fraudster usually masquerading as a trusted entity to deceive victim into clicking a malicious link in email and text message which will lead to the installation of malware in victim’s devices or revealing of victim’s sensitive information to fraudster.

How does it work?

  • Phishing emails and text messages usually appear to be coming from a trusted entity such as bank, Bank Negara Malaysia and claims that bank is now collecting personal banking information to update its database. Victim will be prompted to click on a malicious link in the email or text messages.
  • Once victim clicks on the malicious link, victim will be directed to a website that looks like a legitimate website (bogus website) requesting disclosure of personal information details such as internet/ mobile banking login ID, password and One Time Password and etc.
  • Fraudsters could access to the victims’ internet/ mobile banking account with the credentials that victims inputted into the bogus website.

How to avoid phishing scam?

  • Be wary of fraudulent emails and text claiming to be from reputable sources. Do not click on any links or open any attachments from unverified sender.
  • Always check the spelling of the content in the text or URLs link in the email before your click or enter sensitive information.
  • Never disclose password, PIN and token over the phone, email or SMS. Contact Bank of China immediately if you suspect your credential has been leaked.
  • Always refer to the contact number from Bank of China’s official website or the number at the back of your bank card.
  • Alternatively, you may contact National Scam Response Centre hotline at 997 if you having difficulties in contacting our bank.