Bank of Thailand answers 8 questions, causes, prevention, solutions to the problem of “losing money from the account” and unusual financial transactions.
On October 19, 2021 from the case of bank users Found an abnormal cut And unusual transactions amounting to 1.07 thousand cards, total damage value of 130 million baht. Recently, the Bank of Thailand (BOT) has come out to answer 8 questions about such cases, both the cause and the prevention. User’s check
• 130 million lost money, affecting ten thousand accounts The Bank of Thailand and the Bankers’ Association accelerate the resolution of problems.
– What is the cause in this case? Is it a hack of the system or a leak from the commercial banking system?
Usually there are scammers already spoofing the transaction. Through information that may be leaked from online stores that have inadequate security systems or fraud of the store staff, which, if found, the card user can file a complaint with the service provider Most card service providers already have protection for card users. There has not been any leakage of information from the commercial banking system. The system also has good security.
In the latter case Especially between 14-17 October, the main cause is random debit card data scammers, namely the card number and expiration date. And then used to impersonate transactions through foreign online stores that do not use One Time Password (OTP) or other security mechanisms such as asking for the cardholder’s name or zip code. or the code on the back of the card (CVV/CVC)
Most of the items have a low amount. and use it many times
– Why is there no OTP sent before cutting money, even if the amount is small, OTP should be sent every time?
Usually, online transactions are required to verify the identity of the transaction, such as entering SMS-OTP.
Some stores will exclude OTP in case of small amount for convenience of users. In this case, if damage occurs Those stores will be responsible for any damages. The bank will be the coordinator on behalf of the customer after being notified.
-Why is the bank’s system unable to detect such anomalies, such as the frequency of fraudulent transactions being rejected? Why wait until it’s news? Therefore, the use of cards of customers with unusual transactions is gradually stopped.
The bank has a system to detect abnormal transactions. Each bank will set up a detection system, namely the ceiling. And the conditions of use of the card according to the type of store and product type are different.
Therefore, this incident is unique. It doesn’t happen to every bank. Banks that do not have a strong detection threshold may be exposed to these transactions.
Each bank has enhanced its monitoring and surveillance of suspicious or unusual transactions more closely.
– Does it happen to every bank? and with what kind of accounts
From the latest information, up to October 18, 64, it was found that spoofing through random card numbers did not occur with all banks. And unusual items come from both credit and debit cards (including ATM cards that function as debit cards).
As for spoofing other forms of transactions that have continued It was not a significant increase compared to the normal interval. in which there are already cases of fraud like this and found with cards of all banks
-Who are the scammers, the BOT, and how will the association act in this regard?
Currently, the Thai Bankers Association And commercial banks are urgently investigating the cause. as well as coordinating with relevant agencies such as the Royal Thai Police
-BOT and Thai Bankers’ Association There are solutions for people affected. and how to prevent this in the future
urgent
1. Increasing the intensity of detecting abnormal transactions It covers both low-volume and high-frequency transactions. If abnormal transactions are found The bank will immediately suspend the use of the card and notify customers in all channels. as well as to monitor and monitor transactions from foreign countries in particular
2. Added customer notification for every transaction. from the first transaction via various channels such as mobile banking, email or SMS
3. The bank enhances the level of verification and refunds to customers. If the customer is found to be affected by fraud in case of unusual payment via credit and debit cards.
a. In case of debit card Customers will receive a refund within 5 business days.
b. Credit card case The bank will cancel the said transaction. Customers do not have to pay any unusual charges. and no interest charged
medium term
4. The Bank of Thailand and the Thai Bankers’ Association will expedite discussions with card network providers such as Visa MasterCard to require additional authentication, such as OTP, with debit cards for online merchants.
– In addition to the measures of the Bank of Thailand and other banks, the public will participate in the investigation. or how to protect yourself Both with random card data and other forms of spoofing.
Regularly check your transactions. If any abnormality is found, call the contact number on the back of the card
Be careful when binding debit and credit cards in transactions. Especially with stores such as online games, platforms that do not have identity verification before accessing them.
for some banks Customers can also enable/disable the card. or change the card usage limit or freeze the card by yourself through the bank’s application In addition to contacting the bank
– If you don’t have a debit card but the money was taken from the account What is the cause of this?
need to know more details in order to determine the cause of the incident. I still haven’t found a case without a card. and the money was taken
In addition, service users who are affected You may want to check to see if your ATM card is also a debit card. This can be noticed by the presence of a Visa or MasterCard symbol or the word DEBIT if it is a debit card. It may be caused by random numbers that have been described.
