Jump to content

Thai Android users lose money in ThaID app scam orchestrated via SMS


webfact

Recommended Posts

image.jpeg

 

In an emerging threat to privacy and finances, Android smartphone users in Thailand are being entangled in a sophisticated cyber scam. Orchestrated through the pretence of updating the mobile app ThaID, the scammers acquire remote control of the victim’s phones, enabling them to steal funds.

 

The Department of Provincial Administration (DPA) notified the Cyber Crime Investigation Bureau (CCIB) of this alarming situation as numerous individuals have reportedly fallen prey to this ThaID app scam deception.

 

ThaID is a mobile app, supervised by the DPA, that permits Thai citizens to replace their physical ID with a digital version. This facilitates access to government services and lets them prove their identity during specific scenarios, such as air travel. The CCIB spokesperson, Police Colonel Kissana Phathanacharoen, offered an insight into the deception tactics.

 

According to Kissana, all victims received an SMS prompting them to access a contrived ThaID official Line account. The victims were duped into thinking that they were conversing with authorised DPA personnel. It was during these interactions that they were tricked into divulging personal data and their six-digit phone codes for their Internet banking applications. The victims were further instructed to install an APK file, allowing the fraudsters to gain remote control over their phones.

 

by Mitch Connor

Photo courtesy of prachachat.net

 

Full story: https://thethaiger.com/hot-news/crime/thai-android-users-lose-money-in-thaid-app-scam-orchestrated-via-sms

 

Thaiger

-- © Copyright Thaiger 2023-07-24

 

- Cigna offers a range of visa-compliant plans that meet the minimum requirement of medical treatment, including COVID-19, up to THB 3m. For more information on all expat health insurance plans click here.

  • Haha 2
Link to comment
Share on other sites

I've said it before, I have a Thai bank account, but no credit or debit card and no app (had one then deleted it). Unless it's an inside job, the only way money can leave my account is if I appear in front of a teller with my passport and bankbook, even for a transfer which I never do (only cash if I want to give money to someone, and if they are far away I just don't do it, or I have my business partner in the US do it if it's legit, and he doublechecks my thinking). I do allow the bank to send me an instant SMS of any change plus or minus in my balance (also useful when I receive a transfer from the US). And I use an iPhone.

  • Like 1
  • Sad 1
Link to comment
Share on other sites

3 hours ago, jacko45k said:

It makes me concerned over the so called security Android offers if it allows an APK to be loaded, transferring control of a phone elsewhere. I see no reason for that.

Android default settings don't allow APK, until user manually click to allow third party APK. User also get a warning before APK is allowed.

 

Have many APK myself, none have been flagged by any scanning.

 

Think it's more about carelessness, naivity, and curiousity to click on any Link in a sms.

 

  • Like 2
Link to comment
Share on other sites

2 hours ago, ezzra said:

When most people now using QR code to pay even the smallest bill the sky is the limit to where the scammers take their game up to.

I agree.

I was reading an article where it said that scammers are even changing QR codes in public places. So even scanning a QR code, let's say for example in a coffee shop advertising "Scan this for 25% off your next order, could lead to people being scammed.

  • Confused 1
Link to comment
Share on other sites

2 hours ago, Enzian said:

I've said it before, I have a Thai bank account, but no credit or debit card and no app (had one then deleted it). Unless it's an inside job, the only way money can leave my account is if I appear in front of a teller with my passport and bankbook, even for a transfer which I never do (only cash if I want to give money to someone, and if they are far away I just don't do it, or I have my business partner in the US do it if it's legit, and he doublechecks my thinking). I do allow the bank to send me an instant SMS of any change plus or minus in my balance (also useful when I receive a transfer from the US). And I use an iPhone.

I have an account, with a debit card, app, frequently use QR codes, and pay all my bills via the app.  I've never been scammed.

Sounds like you are overly paranoid, to the point of making your life harder.

  • Thumbs Up 1
Link to comment
Share on other sites

5 hours ago, edwinchester said:

So they receive an sms to get instructions from a Line account to install further software. Nobody deserves to be scammed but anyone who falls for this is a little short of grey matter up top.

Plus, giving their on-line bank six-digit code? Why, to register their ID on-line. No bank is involved in that.

Link to comment
Share on other sites

2 hours ago, Sigma6 said:

Sounds like you are overly paranoid, to the point of making your life harder.

I'm sure there are many who agree with you, and there may be no right or wrong between us, just a matter of comfort level. I will say a big reason I'm set up like this is that my live-in TGF sees a lot of stories of scams on her phone and has influenced me; she probably also thinks that if I never get scammed then I will have no reason to ever suspect her. So: this way I have peace of mind, and a walk to the bank is just good exercise for an old retired guy.

But it would be helpful if someone could point out a real flaw in my system; that's partly why I posted. Thanks, to you, and everyone.

  • Like 1
  • Thumbs Up 1
Link to comment
Share on other sites

Folks if you want to recive your millions from a Nigerian Prince you must not be afraid to give out your banking info and passwords to who ever asks for them....If you delay your millions could be gone....

Edited by redwood1
  • Like 1
  • Haha 1
Link to comment
Share on other sites

You get annoyed with all those official apps including now the app you have to use to do banking.

Yesterday I try to log in through the website of SCB, yes I know it is finished sinds 14th of July, but when I try the app is was at the moment not possible to log in.

Terrible s**tt is it.

Link to comment
Share on other sites

38 minutes ago, redwood1 said:

Folks if you want to recive your millions from a Nigerian Prince you must not be afraid to give out your banking info and passwords to who ever asks for them....If you delay your millions could be gone....

I can't tell you how many billions of dollars I have lost, due to my paranoia.

Perhaps one day I will finally get over it and can accept the millions being offered to me!  

Link to comment
Share on other sites

12 hours ago, jacko45k said:

It makes me concerned over the so called security Android offers if it allows an APK to be loaded, transferring control of a phone elsewhere. I see no reason for that.

Not only that, but a while ago I read that this malware can be loaded when connecting to a charging station anywhere.
Android is not a safe operating system and believers that claim otherwise should face the truth.
I refuse to use my phone for any banking or financial transactions.

Link to comment
Share on other sites

8 hours ago, Sigma6 said:

I have an account, with a debit card, app, frequently use QR codes, and pay all my bills via the app.  I've never been scammed.

Sounds like you are overly paranoid, to the point of making your life harder.

Sooner or later you too will be scammed.
Just wait for it.

Link to comment
Share on other sites

28 minutes ago, Confuscious said:

Sooner or later you too will be scammed.
Just wait for it.

It would take my card being skimmed (possible) or my Kbank account being hacked (unlikely).  I dont see another angle for attack.

Im not scanning random QR codes anywhere; I scan my bills, or the till in Makro, for example

I dont click on BS links in any messages, or install unknown random apps.

 

I think common sense covers most risks.
 

Link to comment
Share on other sites

Go back the Old way, No QR codes payments No I banking with the Phone . 

Just go shopping with Cash or an  Debit card with your 6 Digit PIN.

I Banking  on ones laptop with a OTP send to ones Phone Thats ok  .

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...