Banks: Fraudulent online transactions not from leaked bank information

Banks: Fraudulent online transactions not from leaked bank information

Scammers used card details stolen from online shoppers

A Facebook user shows multiple fraudulent cash withdrawals, all for small amounts, appearing in her bank statement. She wrote on a Facebook page on Monday that more than 300 unusual withdrawals, amounting to 20,000 baht, were made. (Photo from Sharing Experience on Unaware Cash Withdrawal Facebook page)
A Facebook user shows multiple fraudulent cash withdrawals, all for small amounts, appearing in her bank statement. She wrote on a Facebook page on Monday that more than 300 unusual withdrawals, amounting to 20,000 baht, were made. (Photo from Sharing Experience on Unaware Cash Withdrawal Facebook page)

The Bank of Thailand and the Thai Bankers’ Association said on Tuesday the series of fraudulent online transactions reported by tens of thousands of account holders was not a result of a leak of information from the banking system.

In a joint statement, the BoT and the TBA put the blame on people using customers' information stolen while they were shopping online.

The statement said none of the fraudulent online transactions had involved one-time passwords (OTPs) used by banks.

Since early October, there had been unusual money transactions involving 10,700 bank cards. Over the last week, unauthorised multiple withdrawals had been made on individual accounts via debit cards, each involving small amounts, as low as one US dollar.

Banks had systems to detect unusual transactions, with each bank setting a ceiling and conditions of card use based on the shop and type of goods, the statement said.

The BoT and the TBA issued their statement as police stepped up their investigation into the unauthorised online transactions after about 40,000 people reported they had lost about 10 million baht in total to the scammers.

The commissioner of the Cyber Crime Investigation Bureau (CCIB), Pol Lt Gen Kornchai Klaiklung, said on Monday that police were in talks with the BoT and the TBA to find a solution.

The commander of CCIB's cyber crime analysis division, Pol Maj Gen Niwet Apawasin, said the same day that some of the charges were initiated by online gaming platforms. He also said it was easier to investigate sites registered in Thailand than those registered outside the country.

To address the problem, the BoT and the TBA have jointly mapped out measures to prevent unauthorised transactions. The measures are:

- Increase detection to cover transactions involving small amounts of money and frequent transactions. If unusual transactions are detected, banks will immediately cancel the transactions and notify customers on all channels, as well as closely monitoring transactions from overseas;

- Add more channels for transaction alerts, such as via mobile banking, email or sms;

- In the case an inspection finds customers are affected by the above-mentioned fraudulent cash withdrawals, holders of debit cards will receive their money back within five working days. As for credit cards, banks will cancel the transactions and customers need not pay the unusual amount shown on the bills, and they will not be charged interest;

- The BoT and TBA will meet with card providers such as Visa and Mastercard to discuss the requirement for OTPs for debit card use for online shopping.

The two agencies said they have given added emphasis to financial transaction security and protection of customers’ data.

Do you like the content of this article?
COMMENT (39)