The Sms protocol needs to be changed to prevent fake header, not url from being unclickable.
Currently you can put anything in the header and it need not be validated as per the existing SMS protocol.
For unclickable, you can use firewall
That one i know and can understand. Only for serious cases like need to solve crimes. Why provide for goondus who dont take care of their phone?If it is software, anything is possible. It is just that whether they are willing to provide this feature.
In fact, for stolen phones, telco can track who has the stolen phones by tracking the IMEI. But they don’t provide this feature because MHA acts blur and don’t mandate that they provide this feature.
I think in some browsers you can blacklist certain web site. So dont even need to touch the firewall.Url being clickable would be a great option to have.
Accidental click sending one to a website with virus or trojans isnt fun.
OCBC is the world's strongest bank, never say never.The whole chain of actions from changing limit and transferring money out of country are red flags of fraud. What kind of fraud detection system they have that didn't stop this?
Don’t know lei.. that’s their reply that they will change it from 5 Jan 2022.
Maybe you try transfer someone money >200 see if got a not.
“The PayNow Authorisation Limit will be reduced from S$1000 to S$200 with effect from 05 Jan 2022.
Paynow transactions above S$200 will require transaction signing via Hardware Token or Elevated OneToken. This applies to both OCBC Digital and Pay Anyone App as well as Internet Banking”
I think in some browsers you can blacklist certain web site. So dont even need to touch the firewall.
How do you re-route the SMS?what about SMS OTP being re-routed and thus transfer limit being increased after phishing? It affects the extent of the loss.
Some of the victims did visit the branch but was told to join normal queue. See mothership articlewhy doesnt visit branch..? since 11:47am
Actually no OTP is needed if the target is in a specific list.You mean all that was needed is a single OTP? Additional high risk transactions didn’t require another OTP?
Sounds like poor security to me
At the most basic.How do you re-route the SMS?
Heng my $500,000 bank account got no online access set-up.
Only thru ATM and bank book.
outage but no money was lostLast DBS online outage saga, now still no update.
U say leh
She does accept that she was at fault. But what she is saying that once she realized her mistake, there was no mechanism for her to reach bank immediately and block the transactions.bit.ly/3q**** webby address don't look suspicious to her?
Use Cisco Umbrella or OpenDNS DNS servers. They block known dangerous domains.I think in some browsers you can blacklist certain web site. So dont even need to touch the firewall.
You can still be scammed. Scammers can set up online access for your bank (with their mobile)…you won’t even know thay someone else can access your account online. But this is more difficult for scammers to do so.Heng my $500,000 bank account got no online access set-up.
Only thru ATM and bank book.
I agree that the bank frontline staff could have been more helpful. There should be an express queue for those who suspect their accounts have been compromised to request an immediate freeze on the account.She does accept that she was at fault. But what she is saying that once she realized her mistake, there was no mechanism for her to reach bank immediately and block the transactions.
I think in US the customers not only can claims back their losses. They also entitled to claim emotional suffering by large amounts of compensations. If they wins their law suit legal fees are base on % of the courts awarded compensation's. So in US they don't need to fork out the legal fees upfront. Here most victims already lost most of their life savings. Now still have raise the money required for the law suit is quite jialat lor.Here also can happen what. Why must USA lol. Just need someone to lead. And a lawyer to take it on. The cost of it needs to be ironed out.
Pro bono lorI think in US the customers not only can claims back their losses. They also entitled to claim emotional suffering by large amounts of compensations. If they wins their law suit legal fees are base on % of the courts awarded compensation's. So in US they don't to fork out the legal fees upfront. Here most victims already lost most of their life savings. Now still have raise the money required for the law suit is quite jialat lor.