1/23/2022

Electronic Banking - Is your money safe in the banks?

SINGAPORE: All OCBC customers affected by the recent SMS phishing scam will receive "full goodwill payouts" covering the amount they lost, the bank said on Wednesday (Jan 19).

More than 100 victims have received the money, it said in a statement, adding that arrangements for the payouts will be made with all affected customers by next week.  CNA

The above is the result of scamming and phishing in the electronic banking system. OCBC is the first published case when more than 400 victims had their bank accounts violated and emptied. Other banks are coming out warning their customers on how not to be caught in the scam and losing their money.

In traditional banking, such things would not have happened. When one puts money in the bank, it is about the safest place for your money to be, better than in the piggy banks at home or under the pillow. No sleepless night worrying if the money is still there.

With the latest development, not that it is new or had not happened before, would the depositors be having sleepless night wondering if their money is safe in the banks, or would they have to be constantly checking their bank accounts, or scare out of their wits whenever they received a sms in the mobile from the banks or from scammers? Is this the price to be paid by depositors when money lost due to scams and phishing is not guaranteed by the banks? Note, OCBC is returning the lost money to the owners out of goodwill this time, not legally or mandatory and can refuse to make right the money lost the next time. What if the amount lost is much much more, in the hundreds of millions involving bigger number of customers, would the banks still honour the money kept with them or wash their hands and disclaim any responsibility, or perhaps return a token sum?

Would MAS come out with a ruling, a regulation to clarify on this matter? The situation is getting bad as the scammers are getting very brazen and aggressive and many innocent depositors would not even have any clue of what happened and when or how their money were stolen from their accounts.

Who should be responsible for the money given to the banks for safe keeping? The electronic banking system is designed by the banks. Should not the banks be held responsible as it is their system and they are supposed to provide all the necessary safeguards and to protect the money from being stolen while in their care? The banks must have a fiduciary duty and responsibility to ensure the system is secure and the money of the depositors are secured and safe. It cannot be a case of not their responsibility, and if lost they have a right not to make good the money but only on goodwill, ie discretionary, they can refuse to accept responsibility for the lost of the money, and no need to pay back to the depositors.

If this is the case, is your money safe in the bank? Would depositors dare to continue to leave their money with the banks when the banks are employing many foreigners from God knows where to maintain their electronic banking systems, with access to the money of the depositors. With the sophistication of the electronic systems, digital money can be transferred all over the world and very difficult to trace or recover, unlike the good old days when the bank staff were mostly citizens and the physical money could only be carted away in wheelbarrows if the quantity is big.

Would this become a new crisis of confidence for the banks? Who is there to protect the depositors? Is there any law to protect the depositors when technically the scam could be an internal job with so many foreigner programmers and software engineers employed and maintaining the system, have accessed to the system?

What do you think?
 
PS. I have even reduce my credit card limits to a minimum. Cannot trust the system anymore. In the past it is always trying to max the limit possible. And the banks too would be asking customers to increase their limits. Now who dares to increase their limits to be available for scamming? This may even destroy the credit card business.

20 comments:

  1. Internet Banking Safe? Must Be A Joke!

    First of all, the Internet was created by the Evil US Empire for use in their military called the Intra Agencies Networks (Intranet)

    It was not meant for use with any external organisations or people. Therefore, the only safeguard, as far as security was concerned, was that all the computers were linked by wires/cables. No outsiders can gain excess or intrude into the networks unless they tap onto the wires/cables.

    The CIA saw the potential in the Intranet for use by the Intelligence Agencies to collect information and Intelligence globally. It was then adapted and expanded into an International Networks, later known as the Internet.

    To cut long story short, the Internet, being an adaptation from the Intranet, was not meant to be SAFE, from external interference. It was built for everyone to use, even dummies can use it, so that all their private, confidential and secret matters can be discuss and distributed freely all over the Internet.

    SO THAT THE CIA and US Military Intelligence can easily collect all the data, information and intelligence they want/need.

    Therefore, the Internet CAN NEVER BE SAFE! Secure yes but not SAFE.

    One can put up layers of security measures to protect one's data and information but they are still not SAFE, because anyone who has the time and determination to come out with counter-measures to break your security measures will be able to intrude and penetrate your systems.

    That's why I have never trusted the Facebook and Twitter, and other social media platforms. Let alone Online Banking.

    My advice:

    DON'T USE ONLINE BANKING UNLESS IN EMERGENCY SITUATIONS!


    A-non-y-mouse.

    ReplyDelete
  2. The move to displace cash payment with electronic payment at hawker centers - without considering the vulnerabilities of tech-unfamiliar senior folks - is very ill-conceived, underscored by the recent phone scams to cheat the people of their money.

    ReplyDelete
  3. @ RB

    It's not the banks that are the problem.

    THE SMARTPHONES (and other digital comms) are the BIG problem. i.e. they are a "tool" on which nearly every crucial aspect of modern life depends, but now "weaponized" thru social engineering. e.g. phising, scaming, robo calls etc

    I've started using CASH again, for day-to-day purposes.

    Govts are quickly moving to electronic money aka Central Bank Digital Currency or CBDC, and trying to rid the citizens of cash. Both China and India have already done it.

    If you visit DarkNet, you will see millions of compromised credit card, PayPal and other payment account details (known as "carding") FOR SALE, with guaranteed minimum balances. If you are tech-savvy and dishonest, it is quite easy to become rich by the simple, old-time, and proven way: stealing stuff from vulnerable people.

    I dunno about S'pore, but here you can turn your CC on and off thru the banking app or bank's website. You can also purchase CC shields which issue virtual CCs tied to your card, to be used according to your specs. For e.g. you can have one virtual CC just to pay your electricity, another one just for ApplePay and they can't be used for any other purpose if they are hacked.

    And for goodness sake, use high entropy passwords and a GOOD password manager. I use KeePassX, Bitwarden, and LastPass (wah 3 ah? Yes, I am Singaporean and by nature kiasu Fortress ๐Ÿ‡ธ๐Ÿ‡ฌ )

    ‼️Turn on 2FA‼️ Dun pray pray. It is a bit lecheh but it is worth it. It is a great deterrent. Once a hacker sees 2FA authentication, they will leave you ALONE and look for the sucker that doesn't have 2FA and a weak (low entropy) password.

    Remember: Devil Take The Hindmost. The "weak" will always die first. You don't have to be super strong. You only have to be stronger than the weak guy. Self interest lah.๐Ÿ˜‚ ๐Ÿป

    Be strong. Fortress Singapore is strong! Let's keep it that way!

    ReplyDelete
  4. PS:

    I have (depending on the day and what I'm doing) 1-5% of my liquidity stored in offline multisig crypto wallets (aka cold storage). They are multisig, so if I die my designated "kakis" can access the funds.

    Yes, I personally DO NOT fully trust banks or the global financial system or central banks. My trust in them is about 70%...good enough for day-to-day, and small amounts of money, but be very careful in turbulent times. So I've taken the crypto option.

    Ever since the inception of financial institutions, people have had good reason to be skeptical of banks and their security. Well placed paranoia is a GOOD thing. It keeps us alive and protects us from loss.

    Next to loss of life and permanent injury, loss of capital is probably the worst thing. If you come to think about it: CAPITAL is, and comes from our very finite lives....we swap our efforts, ideas, and TIME to accumulate capital.

    So, better jaga baik baik.

    Caveat emptor: I absolutely do not recommend crypto to anyone. Last year, there were (under-reported) $14 billion SCAMMED in crypto. If you are not prepared to study hard and LEARN about it...STAY AWAY or be prepared to see your money VANISH very quickly. ☠️ ☠️ ☠️

    ReplyDelete
  5. In the present world of white-collar, crooked and cunningly corrupted politicians, TRUST has become a very rare commodity to come by.

    Couple with money-can-buy corrupted government officials, judges, prosecutors, juries, specialised experts and professionals, who are willing to swear under oaths to tell the truth, but blatantly and gallantly do the opposite, TRUST is now thrown in the wind.

    Tripled with the big money from big profits from big Pharmas to entice, lure and entrap the already corrupted politicians, government officials, professionals and experts (specialists, researchers and scientists who live on the funds provided by big Pharmas), TRUST is nowhere to be found. It has disappeared in thin air overnight.

    How then can anyone even talk about the security of online banking, a confluence of networks manned behind the scene by faceless, nameless and trust-no-less people who are called IT specialists but raised to the pedestal by high-sounding names such Cybersecurity Consultant and IT Experts?

    ReplyDelete
  6. When I received that message, I felt quite suspicious. That was early evening and banks were closed, so I just ignored it.

    In fact the message sounded quite alarming telling me to take immediate action and click on a link.

    Perhaps banks should get together to have a round the clock system of contact for customers in case they come across strange messages like this and need to seek clarification. Have they made available this line of communication I am not sure, especially after banking hours. It is no use telling customers that banks do not ask customers to click on links.

    Online banking for me? No thanks, even if it happens once in 50 years.

    ReplyDelete
  7. One interesting point, which I am not too sure, is that the banking system says that money deposited with banks, legally belongs to the bank and therefore up to the banks to invest or use in whatever way they like. Depositors obviously have no say about how the money is invested or used. In other words, your money is now their money once you leave it with them, until you take it out.

    I may be wrong and stand to be corrected.

    ReplyDelete
  8. @214

    Your money is always your money. On the banks balance sheet, your deposit is their liability. ie. They are custodians looking after your property.
    If your property is "harmed" in any way, the bank is liable.

    Yes, you do have a say in who does what with your money...the ULTIMATE say: you can always WITHDRAW your funds (your property).

    However once you deposit with a bank, you engage in VOLUNTARY CONTRACT. Their business is making loans to whomever fits their "loan criteria". If you don't like it, just take your money somewhere else.

    ReplyDelete
  9. True or not?

    Indian FT from univs ranked ~800th runs OCBC IT Dept

    https://www.sammyboy.com/threads/indian-ft-from-univs-ranked-800th-runs-ocbc-it-dept.315146/?fbclid=IwAR1mjZkXK_40XxNGLTsNMhrhsrj13wkRSuTwXlamtK3Np4RWlk41sCnBcAY

    ReplyDelete
    Replies


    1. "How then can anyone even talk about the security of online banking, a confluence of networks manned behind the scene by faceless, nameless and trust-no-less people who are called IT specialists but raised to the pedestal by high-sounding names such Cybersecurity Consultant and IT Experts."

      Should anyone allow himself to easily trust any stranger who has no face, no name, no address and no known verification?

      Delete
  10. Deserves to be screwed.

    ReplyDelete
  11. Matilah,

    Most S'pore bank apps allow activating or de-activating CCs thru their apps.

    But no virtual CCs or CC shields that I'm aware of.

    Anyway in this latest OCBC scam, it wasn't strong passwords or 2FA that was the problem. It was FOLLOW-LAW, KANCHEONG Sinkies who were TRIGGERED by Social-Engineering SMS into giving away their private credentials.

    Customers who are more fuck-care, bochap, tidak apa, or worldly wise likely didn't fall for the scam.

    IT IS HARD TO FOOLPROOF A SYSTEM WHEN 80% OF THE PEOPLE ARE LAZY & DON'T HAVE CRITICAL THINKING SKILLS. THE ONLY WAY IS TO TURN IT INTO A NANNY-STATE SYSTEM OR AN ABSOLUTE AUTHOCRATIC SYSTEM, WHICH IS DEFINITELY NOT WHAT I WANT.

    95% of my networth is in real world or capitalistic assets. Hence my focus is that my assets are located in jurisdictions where property rights & personal rights are enshrined in BOTH law & culture, and where my assets have proven income-generating ability and/or store of value ability. Preferably with at least a few decades of track record.

    Singapore doesn't fully meet my above requirements -- it has property rights in law, but not really in culture. It doesn't have strong personal rights in both law or culture. Thus I only have a tiny percentage of my networth in Singapore at any point in time.

    But as long as S'pore doesn't practice capital controls & allows flows of $$$$$ from external sources, this is a bloody good place to stay (as long you got the money).

    WSG

    ReplyDelete
  12. Matilah talking to himself, disguised as another person called WSG?

    ReplyDelete
  13. @ 720

    >> Matilah talking to himself, disguised as another person called WSG? <<

    Mate, really love your critical thinking skills. You have a great future! ๐Ÿฅด

    ReplyDelete
  14. @ WSG 535

    Hey, nice to know you are still around!

    >> IT IS HARD TO FOOLPROOF A SYSTEM WHEN 80% OF THE PEOPLE ARE LAZY & DON'T HAVE CRITICAL THINKING SKILLS. THE ONLY WAY IS TO TURN IT INTO A NANNY-STATE SYSTEM OR AN ABSOLUTE AUTHOCRATIC SYSTEM, WHICH IS DEFINITELY NOT WHAT I WANT. <<

    So true. Hence the ease of being socially engineered. Everything connects when first people don't think critically.

    >> where property rights & personal rights are enshrined in BOTH law & culture, <<

    I'm afraid the "enshrinement of property rights in culture" is waning in most parts of the developed world, even in the so-called "land of the free", the USA. They're lucky the SCOTUS still upholds property rights, but the support is getting thinner.

    Therefore, I don't really worry about the culture, at least for the moment. I only care about The Law. Singapore's record on property rights (enshrined and upheld in LAW) is a lot better than other places.

    I don't even trust Australia anymore on that, as modern western culture breeds more entitlement mentality and everyone is quick to grab "free stuff"....free to them, but if you happen to have "assets" they'll come after you to relieve you of a slice of said "assets".

    Financial Repression is growing in "free" western societies. Singapore really scores BETTER in that regard....at least for now.

    >> But as long as S'pore doesn't practice capital controls & allows flows of $$$$$ from external sources, this is a bloody good place to stay (as long you got the money). <<

    I couldn't agree more! From my current vantage point, it's paradise!

    ReplyDelete
  15. Only imbeciles in Singapore would trust foreigners to run the IT systems of their banks and ministries. They did not believe that the foreigners could one day steal their banks or their country.

    This is the stupidity has no cure syndrome affecting Singaporeans from the top to the bottom.

    Just wait to see which silly bank would be the first to be emptied by the foreigners.

    ReplyDelete
  16. One single word to describe Singapore these days is: EXPEDIENCY.

    Under LKY, it was PRAGMATISM.

    Under GCT, it was EGOTISM.

    ReplyDelete
  17. Maybe an inside job. How did the scammers get the phone numbers and knew these are customers of OCBC? Just too coincidental.

    ReplyDelete
  18. Too long under a safe government, assuming that it would always be the same. No need to think, no need to fear of a rogue government. Don't even know or recognise a rogue government.

    Every thing will be fine. The OCBC scam case is a pre warning that the worse is yet to come. Would they start to think and put in more controls on foreigners?

    Keep on trusting foreigners in such an important function as the banks' IT system, allowing foreigners to access all the information and system, passwords, accounts etc etc.

    Foreigners are very nice people, would not cheat, very honest, would not commit crimes.

    Wait till they sell your father and mother than you know.

    Imbeciles! So trusting of foreigners, place money and secret, vital and sensitive information in the hands of foreigners. Shake heads.

    ReplyDelete
  19. Never would you find a people in the world that is so careless with foreigners, allowing foreigners into their country and dropping their pants to be screwed without taking any precaution to protect themselves.

    The only thing you can say about such a silly people is that they did not build the country but inherited on a silver platter, so easy come easy go. They would not care a bit even if the foreigners were to take over the jobs of their fellow citizens, take over companies and organisations and eventually take over the whole country, as long as they could protect their big salary for a few more years.

    They did not feel responsible to want to protect the interest of fellow citizens or the assets of the country.

    ReplyDelete