Scams targeting electronic banking have increased drastically in the country, with the number more than doubling over the past year.
A total of 1,426 reports were made to CyberSecurity Malaysia last year compared with 634 in 2009.
Those who fell for these scams were usually new Internet banking account holders and those who lacked a general understanding of Internet security.
CyberSecurity Malaysia CEO Lt-Col (Rtd) Husin Jazri said the trap was to trick Internet banking account holders into revealing their online banking username and password.
He said the first step was to despatch e-mails to account holders informing them of a “hitch” in their accounts, and that they should immediately log in to the account to verify some information.
“They are then asked to click on a link in the e-mail, which leads the user to a fake website which is identical to an e-banking corporate website.
“These fake websites are also known as ‘phishing’ sites.
“The websites are used to mislead users into logging in by entering their usernames and passwords, which are immediately copied by the creator of the site.
“The cyber criminal can then log in and empty the users’ entire account in minutes if the amount is within the limit allowed to be transferred in a day,” he pointed out.
Lt-Col Husin attributed the rise in Internet banking scams to the increasing popularity of online banking among Malaysians.
He said CyberSecurity Malaysia had identified at least 900 unique phishing sites targeting financial institutions in the country, adding that it was quite easy for crooks to obtain personal information, usernames, passwords or credit card information through the phishing websites.
“Phishing or identity theft only happens when Internet users share their online banking information which is not meant to be shared in the first place,” he explained, stressing that it was crucial for e-banking users to be aware of online security measures.
CyberSecurity Malaysia is positioned as the national cyber security specialist under the Science, Technology and Innovation Ministry, and operates the Cyber999TM Help Centre for local Internet users.
It also provides safety tips, advisories and specialised services in the fields of cyber security such as digital forensics and wireless security.
Lt-Col Husin advised users who received such e-mails to forward them to email@example.com.