A few months ago, Muridi Mohammad from Perlis was shocked when his money has been missing from his CIMB account.He received an SMS telling him he had won RM14,000 in an Akademi Fantasia 6 (AF6) competition. All he had to do to claim his winnings was to telephone the number given.

When he called, a man claiming to be from Astro asked for Muridi’s bank account number to deposit his winnings. Though he was hesitant, he did so. Fortunately he had enough sense to give an account with little money in it.

“I gave him the account my tenant uses to pay the rent.” The CIMB account had a balance of just over RM300.

Although this case is not new, but this poor Ustaz still want to try his luck. He just gave his account number just to see wether the scammer will deposit money or not. But it turns out, the scammer manage to withdraw money from his account two times. About an hour later he checked the account and found that two payments of RM120 had been made to “I-PYMT TO COLL”.

The BIG question here, how this criminal manage to withdraw money just using user account’s number. Really strange. I think this guys are really professional,even CIMB never release a statement about their system flaw.So just use thumb rule, if the offer is too good, then it is a scam. Don’t try to outsmart them. Maybe your are dealing with international criminal :).


– When you receive an SMS saying you have won something, always verify it with the company named in the SMS. Contact the company in Malaysia and not the number given to you in the SMS.

– If the message cannot be verified, ignore it.

– If you are a victim, lodge a report.

– You should never provide your bank details, ATM card or PIN number to a third party. The same goes for Internet banking identification or password.

– Do not open a bank account for a third party. If you have done it, close it immediately and lodge a police report.

– If you are asked to call a number to verify your gift and the person on the other end claims to be Malaysian but has a foreign accent, be suspicious.

– Pay attention to the caution notices placed at ATMs.

Lately, when I open CIMB Clicks Online, this warning will appear:

New threat from stupid scammer that want to robe our money.Pishing sound more like fishing, which try to bait you for login ID and password.

What is “Phishing?” “Phishing” is a type of identity theft where criminals blast emails to a mass audience in their malicious attempt to bait you into fake websites.

You’ll then be asked to disclose confidential financial and personal information, passwords, credit card numbers along with any other highly confidential questions. The most common type of phishing scam is an email threatening serious consequences if you do not log in and take immediate action. A bogus link is usually provided in that email which leads to a fake website identical to the bank’s website. Dear Valued Customers, Please do not respond to any emails, websites or notices via SMS that requires you to refresh, re-confirm or validate your CIMB Internet Banking information. It is a scam tricking you to disclose your CIMB Clicks UserID and Password. Responding to these emails and websites may lead to monetary losses from your account.

Please be informed that we will never require you to update or disclose any sensitive banking information (userID, password, TAC code, etc.) via email, SMS or any pop-up windows on Internet sites. Always access Internet Banking by entering the URL directly into your browser window, or via your saved list of favourite website addresses. For more safety tips, please click on the ?How to Stay Safe? online banner or go to http:www.cimbclicks.com.my/keepsave.htm.

So guys, please be careful when you receive email asking you to login for security ,website maintenance or  what ever especially involved your online financial account. This criminal has become more advanced and skillfull, just don’t fall into their trap. Just imagine your income from making money online drained away by your simple mistake.

so take care..