Member banks under the ambit of The Association of Banks in Malaysia (ABM) and the Association of Islamic Banking and Financial Institutions Malaysia (AIBIM) today call for heightened vigilance against scams impersonating National Scam Response Centre (NSRC) officers, against a growing number of such scams targeting bank customers.

In such scenarios, the fraudster would pose as an NSRC officer and attempt to scare unsuspecting victims by alleging that their personal information, such as National Registration Identity Card (NRIC) number or mobile number, is linked to illegal or fraudulent activities.

Generally, an NSRC officer impersonation scam works as such:

1. The scam begins with the victim receiving a call from an unknown mobile number, alleging to be an NSRC officer

2. The fraudster would then falsely claim that the victim’s identity or personal particulars have been used in criminal activities, such as money laundering and mule account transactions

3. Then, the fraudster employs lengthy “interrogation” tactics mimicking a real investigation, to establish a sense of legitimacy. This involves repeated phone calls over a prolonged period of time

4. Finally, after gaining the victim’s trust, the fraudster will ask the victim to leave their debit/ ATM card at a designated location. This allows the fraudster to:

• Fraudulently access the victim’s online banking account to make unauthorised transfers and bill payments. If the victim does not have an existing online banking facility, the fraudster could even register for one
• Make unauthorised cash withdrawals at the ATM using the victim’s
  bank card

Customers are urged to immediately hang up if they receive calls from individuals claiming to be NSRC officers, as NSRC only receives calls from the public and does not make any outbound calls to individuals.

Banks also encourage the public to beware of fraudsters who pose as officers from enforcement agencies and regulatory bodies, such as Bank Negara Malaysia and Polis Diraja Malaysia, who use threats and scare tactics over the phone to manipulate victims into transferring monies out of their bank accounts and divulge their online banking credentials.

Additionally, banks would like to remind customers that they will never request sensitive customer information such as:

• Credit/ debit card number and card verification value (CVV) number
• Online banking username and password
• SMS OTP/ TAC numbers

The banking industry remains committed to providing a more secure and safer banking experience to its customers. To counter evolving scam threats, banks implemented five key measures in July 2023, including replacing SMS OTP with a more secure authentication method; tightening fraud detection rules; performing cooling-off period for first-time registration of online banking access; allowing only a single mobile device or secure device to be registered; and enabling a 24/7 dedicated complaint channel for customers.

To defend against various types of scams, customers are encouraged to practise simple cyber hygiene rules such as:

• Never click on hyperlinks from unknown numbers
• Never download any apps from links, especially on messaging apps such as
• Telegram and WhatsApp. Only download apps from official app stores such as Apple App Store and Google PlayStore
• Never share your banking username and password with anyone, including friends and family members
• Never entertain phone calls or messages from unknown mobile phone numbers

Customers who have fallen victim to scams should immediately call the National Scam Response Centre at 997 or banks’ 24/7 customer service hotlines for assistance.

The banking industry urges customers to stay alert at all times, especially when theyreceive calls from unknown numbers. Customers are also encouraged to protect themselves by staying informed of the latest scam modus operandi at www.JanganKenaScam.com.