Bank of Thailand warns of elevated financial cybercrime risk

The Bank of Thailand (BoT) is warning consumers and banks of an elevated financial cybercrime risk. The warning comes after a man claimed that he had lost 101,560 baht from his bank account after using a public charging outlet. The BoT denied the claim after conducting an investigation and said it believes the theft occurred because the man was a victim of a malware attack after he downloaded an unsafe dating app called “sweet meet.”

The BoT says the man was tricked into installing the malware. Once installed, it gave remote access to hackers to monitor and control the phone to transfer money from the user’s bank account. The central bank warns that fraudsters have developed many kinds of call centres, fake loan applications, deceptive text messages, and manoeuvres to lure consumers to install malware-embedded applications on their phones.

Meanwhile, the BoT is urging financial institutions to regularly upgrade their tools to counteract such cybercrime. The central bank is warning mobile phone users to refrain from opening any suspicious links, using unsafe phones to make financial transactions, and installing any suspicious apps. It furthered that customers should install mobile banking app updates regularly.

The deputy national police chief also advised that consumers should only download apps that are on Google Play or the App Store.

ORIGINAL STORY

The Central Investigation Bureau (CIB) is advising the public to exercise caution when charging their smartphones in public after a Thai man’s Android phone was hacked over the weekend. The CIB believe hackers have found a way of altering charging cables to steal personal information from phone users.

Wisanusan Sam-pok revealed in a Facebook post on Sunday that 101,560 baht mysteriously disappeared from his bank account. Wisanusan said he did not use the phone other than to charge it in public.

Wisanusan said that he did not receive any scam calls, download any strange applications, or click on any suspicious website links, but the money still mysteriously disappeared from his bank account.

Widsanusawan got a notification from his bank about the transaction he did not make. On closer inspection of his phone, he noticed an unknown application on it, which he suspected to be the app the hacker used for data skimming.

Netizens commented on Widsanusawan’s post saying that the hacker might have used a charging port and cable to help with the data skimming.

CIB reported yesterday that hackers can use remote access points to control a skimming chip that is embedded in every type of charger port.

The chip can be used by hackers to skim personal information from smartphones, including passwords, financial data, and bank account numbers, or to infect them with malware.

The CIB warned people who need to charge their phones in public should be cautious when borrowing a stranger’s charger or connecting their charger to public charging ports.

Parinya Homanek, a member of the National Cybersecurity Committee, said that such hacking, mostly on Android phones, can happen after the victims visit malware-embedded commercial banners or downloaded applications outside official application stores.