Cases & News About The Phishing
Welcome to the Real Phishing Cases page. We present an in-depth look at actual cyber events that have occurred in Malaysia. Our goal is to provide you with a complete grasp of the most critical security concerns that companies and individuals face today. Examining these real-world events will provide you with significant insights into the nature of cyber threats, attacker strategies, and the devastating impact these occurrences have on various sectors.
06
Fraudulent URLs being used in SMS scams
Fraudsters impersonating Maxis, a telecoms firm, sent phony SMS messages advising recipients to redeem their reward points via a link before their points expired. After clicking the link, users were taken to a phony website where they were required to enter their online banking information, including one-time passwords, which allowed for illegal access and financial loss.
07
Phishing SMS regarding accepting the offer
An individual from Malaysia almost lost SGD2,750 (RM9,680) after she clicked on a phony SMS link purporting to be from Maxis. Following the link, a phishing website offered an air fryer for RM1.37. She kept trying to enter her OTP and bank information, thinking there was a mistake. She did not get robbed even though the scam was ongoing since she did not have enough money.
08
An increase in AI-driven frauds
An increase in AI-driven scam aimed at tourists visiting Malaysia has been reported by The Straits Times. Advanced AI technology is used by scammers to develop convincing phishing schemes, such as phony websites relating to travel or messages that seem to be from reliable sources. The goal of con games is to fool tourists into divulging sensitive personal and financial data.
09
Phishers on a Malaysian website were arrested
An initial access broker (IAB) and phishing-as-a-service (PhaaS) operation known as BulletProftLink was taken down by the Royal Malaysia Police with assistance from foreign organizations. The valuables, which included cars, electronics, and cryptocurrency, were taken by the police for RM965,808. The group might have made approximately RM1.2 million from the operation.
10
Attacks with malware and phishing
MyCERT has issued a critical alert due to a surge in phishing attempts that aim to exploit the recent CrowdStrike event, which caused a global IT disruption. Scammers are using malware, command-and-control (C2) IP addresses, and bogus domains to pose as reliable websites in an attempt to trick users into installing hazardous software or disclosing personal information.