Forum: Scammed of $100,000, but fault is not mine alone

  • Have you been Scammed?
    Follow this advisory from National Crime Prevention Council (NCPC) on the next steps you can take. More info

Visor9999

High Supremacy Member
Joined
Mar 30, 2021
Messages
29,741
Reaction score
8,244
As I said, it takes MANY MANY hands to clap.
The dinosaur era sms system is dinosaur era because most of the Planet Earth is in the dinosaur era.
The vulnerabilities will only be fixed when EVERYONE is up to speed.

Even if you put in some fancy translation gateway to help your new fangled hemorrhaging edge system communicate with the dinosaurs, how are you going to validate the information being fed to you from the dinosaurs? BTW the way the global networks are set up, there is NO WAY to bypass the dinosaurs.

A shiny diamond in a sea of mud is what you'll be. And guess what? Mud is sticky.

Then how come other countries never have so many scams like sg. Something must be wrong here which Govt need to look. Maybe suspend all paynow or new internal transfers etc
 

harbinger255

Honorary Member
Joined
Sep 15, 2006
Messages
100,043
Reaction score
40,609
Brilliant idea! If the scammer change the password, should attempt multiple failed logins until the account is locked. Otherwise I prefer to take back control of the account.
Then the next time they will change your userid first? :s13:

Never underestimate scammers....
 

tanakow

Banned
Joined
Jan 3, 2004
Messages
9,837
Reaction score
1,422
calling me not smart and my wife being unfaithful is not how u talk.

u can argue for all u want. No one is going to baby sit sinkies for their stupidity.

I was using an analogy using a hypothetical case to illustrate that getting the SPF to investigate a crime where the victim was at fault does not amount to babysitting people for their stupidity.
 

harbinger255

Honorary Member
Joined
Sep 15, 2006
Messages
100,043
Reaction score
40,609
Oops. Yes, I just saw DBS can change User ID. 🙁
You can submit a request for forgetting your userid too.... but ultimately it's a race against time/scammer

If every scammer is as lenient as the 2 hour one... yeah sure.... plenty of reaction time.
 

harbinger255

Honorary Member
Joined
Sep 15, 2006
Messages
100,043
Reaction score
40,609
It is unlikely you can change your bank userid.
Some can... OCBC used to use NRIC for userid, then PDPA came about so they had to make allowance to change userid.... I THINK I can still change it but too busy to verify it now
 

tanakow

Banned
Joined
Jan 3, 2004
Messages
9,837
Reaction score
1,422
Brilliant idea! If the scammer change the password, should attempt multiple failed logins until the account is locked. Otherwise I prefer to take back control of the account.
The account may be locked. But the scammer is already logged in so he won't be kicked out. But some bank, I think OCBC for example, if you log into your account in one computer and then log in using another device, it will kick out the first account.
 

harbinger255

Honorary Member
Joined
Sep 15, 2006
Messages
100,043
Reaction score
40,609
The account may be locked. But the scammer is already logged in so he won't be kicked out. But some bank, I think OCBC for example, if you log into your account in one computer and then log in using another device, it will kick out the first account.
I was wondering about this.... tempted to test it but damn mafan... :ROFLMAO:

If account locked but existing session still can use... this one should complain to OCBC
 

tanakow

Banned
Joined
Jan 3, 2004
Messages
9,837
Reaction score
1,422
Some can... OCBC used to use NRIC for userid, then PDPA came about so they had to make allowance to change userid.... I THINK I can still change it but too busy to verify it now
This is different. This change is performed by the system administrator or the application administrator. They probably go to the database directly to change. But an account holder is unlikely to be able to change his account name himself. That is because in most case the account name is used as a primary key. And renaming a primary key may not be so trivial.
 

harbinger255

Honorary Member
Joined
Sep 15, 2006
Messages
100,043
Reaction score
40,609
This is different. This change is performed by the system administrator or the application administrator. They probably go to the database directly to change. But an account holder is unlikely to be able to change his account name.
It's gonna bug me too much if I don't check....

Yes, confirm can change your userid... or what they call access code (which is their workaround to unique key I suppose).... This part maybe they should disable... even though it needs token and all to change
 

Level42

Supremacy Member
Joined
Nov 4, 2007
Messages
5,368
Reaction score
1,356
The account may be locked. But the scammer is already logged in so he won't be kicked out. But some bank, I think OCBC for example, if you log into your account in one computer and then log in using another device, it will kick out the first account.
For DBS, only one active session is allowed. Any new login kicks out the previous session. But I was thinking of the scenario where the scammers change password immediately after gaining access fraudulently. Meaning the victim no longer has access to his account. In lieu of a panic button, banks should consider allowing multiple failed logins to lock the account and kick out all sessions. Even if it is a prankster inconveniencing the legit account holder, I think it is worth erring on the side of caution. :giggle:
 

tanakow

Banned
Joined
Jan 3, 2004
Messages
9,837
Reaction score
1,422
For DBS, only one active session is allowed. Any new login kicks out the previous session. But I was thinking of the scenario where the scammers change password immediately after gaining access fraudulently. Meaning the victim no longer has access to his account. In lieu of a panic button, banks should consider allowing multiple failed logins to lock the account and kick out all sessions. Even if it is a prankster inconveniencing the legit account holder, I think it is worth erring on the side of caution. :giggle:

If i were the scammer, the first thing I do is to change the password and the userid if possible. So the legit user cannot even try to log in using the old userid anymore.

That is why i don't think user should be allowed to change the userid.
 

harbinger255

Honorary Member
Joined
Sep 15, 2006
Messages
100,043
Reaction score
40,609
If i were the scammer, the first thing I do is to change the password and the userid if possible. So the legit user cannot even try to log in using the old userid anymore.

That is why i don't think user should be allowed to change the userid.
I did just notice that you can use singpass to log in too.... didn't try it... not sure if it's a good or bad thing too....

For now... feels like another potential scam gateway
 

Roundtreex

High Supremacy Member
Joined
Dec 17, 2014
Messages
33,954
Reaction score
4,057
Then in that 2 hours, he nonchalantly continued with his task when he could have 1) rush down to a bank 2) continue to hold the line 3) Force an account lock by entering a wrong password 3x
Woah a smart one at 3)
Purposely enter wrong password 3 times to lock online account instantly
 

Level42

Supremacy Member
Joined
Nov 4, 2007
Messages
5,368
Reaction score
1,356
If i were the scammer, the first thing I do is to change the password and the userid if possible. So the legit user cannot even try to log in using the old userid anymore.

That is why i don't think user should be allowed to change the userid.

I agree it would be worse if the scammers change the password and/or userid. Userid change, if allowed, should only be done at the bank. I only just found out DBS allows user id to be changed on the app. I was worried that in future the scammers would change userid and/or password first thing. For OCBC scam, the scammers apparently didn’t, as the victims managed to find out their money was stolen. Victims must still have access to their accounts.
 
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.

Please refer to our Community Guidelines and Standards, Terms of Service and Member T&Cs for more information.
Top