SMS scam: MySejahtera Covid-19 cash aid

297
- Advertisement - [resads_adspot id="2"]

The MySejahtera app has cautioned the public against an SMS scam using its name, purportedly offering Covid-19 cash aid.

“MySejahtera does not send any messages about financial assistance to the public.

“Please check MySejahtera’s social media for our official news and announcements,” it tweeted this morning.

This was in response to a phishing scam sent through SMS, which invites mobile phone users to click on a link to check if purported Covid-19 financial aid has been transferred to their Touch N Go e-wallet.

The SMS reads: “RM0 MySejahtera: Bantuan Khas Covid-19 RM500 telah kredit ke TNG eWallet anda. Sila semak baki dan tuntutan anda di https://touchngo.site.”

(MySejahtera: Covid-19 special financial aid of RM500 has been credited to your TNG eWallet. Please check your balance and claim at https://touchngo.site.)

The link is disguised to appear like a legitimate Touch N Go website to trick users into clicking it.

Phishing is an attack that attempts to steal money, identity, or personal information by pretending to be a legitimate website or service provider.

The scammer may try to obtain credit card numbers, bank information, or passwords through phishing.

Rise in scams, data leaks

There has been a rise in scams utilising SMS and mobile phones, resulting in tens of thousands of ringgit losses.

This coincides with reports of data breaches involving the personal information, including phone numbers, of millions of Malaysians.

In April, the personal data of 22.5 million Malaysians were stolen from government servers and sold on the dark web for a reported price of US$10,000 (RM44,550).

The data range from full names, addresses, identity card numbers, and phone numbers, reportedly from the National Registration Department (NRD) database.

In June, data security experts revealed how an Open Systems Intelligence (Osint) tool can be used to obtain personal data from the leaked database.

They said it can also be used to obtain information related to the MySejahtera app.

However, the Home Ministry denied the data came from NRD’s database.

Last week, Communications and Multimedia Minister Annuar Musa said several amendments will be made to the Personal Data Protection Act 2010 following a series of data breaches. – Malaysiakini


Related report:

Aug 10, Scammers using TNG’s name and branding to defraud users through SMS