Back to Articles Archive



Online Scam

1.0   Introduction

Internet scam is a type of fraud which makes use of the Internet. Online fraud appears in many forms. It ranges from email spam to online scams. Internet fraud can occur even if partly based on the use of internet services and is mostly or completely based on the use of the internet. The number of online scams in Malaysia has reported to be increased, with an average of 10,000 cases reported each year. The study found that one in five Malaysians had been victims of both Internet auction scams and online dating scams. A quarter of Malaysians have experienced Internet auction fraud. An Internet Scams study 2016 shows that the top three scams in Malaysia are ‘work from home’ fraud (30%); internet auction scams; (22%) and online dating scams (20%). All of those surveyed classified themselves as internet users, averaging nearly 10 hours per day on the web. However, online safety is a growing concern with more than half of those surveyed (54%) stating they are ‘very concerned’ with online scams more than those equally concerned with mugging (45%) and stalking (42%). Of the regions surveyed, Malaysia was the country most vulnerable to internet scams, with 46% of respondents saying they had been victims to scams—followed only by Thailand at 43%.

1.1   Types of Online Scam

There are many different types of online scams. Their final target is always money and there is nothing they won’t do to accomplish their mission. Below are the famous online scams you need to stay away from right now.

1.1.1   Phishing email scams

Phishing scams are based on communication made via email or on social networks. Normally the cyber criminals will send users messages/emails by trying to trick them into providing them valuable and sensitive data. This is because the emails seem real from an official source such as bank institutions or any other financial authority, legitimate companies or social networks representatives for users. This way, they’ll use social engineering techniques by convincing you to click on a specific malicious link and access a website that looks legit, but it’s actually controlled by them. You will be redirect to a fake login access page that resembles the real website. If you’re not paying attention, you might end up giving your login credentials and other personal information. In order to success, scammers will create a sense of urgency. They’ll tell you a frightening story of how your bank account is under threat and how you really need to access as soon as possible a site where you must insert your credentials in order to confirm your identity or your account. After you fill in your online banking credentials, cyber criminals use them to breach your real bank account or to sell them on the dark web to other interested parties.

1.1.2   The Nigerian scam “Nigerian 419”

Nigerian scam is the one of the oldest and most popular Internet scam used mostly by a member of a Nigerian family with wealth to trick different people. A Nigerian scam involves an emotional email, letter, text message or social networking message coming from a scammer as a an official government member, a businessman or a member of a very wealthy family member to ask you to give help in retrieving a large sum of money from a bank, paying initially small fees for papers and legal matters. In exchange for your help, they promise you a very large sum of money. They will be persistent and ask you to pay more and more money for additional services, such as transactions or transfer costs. You’ll even receive papers that are supposed to make you believe that it’s all for real. In the end, you are left broke and without any of the promised money.

1.1.3   Bank loan or credit card scam

People can be easily scammed by “too good to be true” bank offers that might guarantee large amounts of money and have already been pre-approved by the bank. If such an incredible pre-approved loan is offered to you, ask yourself: “How is it possible for a bank to offer you such a large sum of money without even checking and analyzing your financial situation?” Though it may seem unlikely for people to get trapped by this scam, there are still a big number of people who lost money by paying the “mandatory” processing fees required by the scammers.

1.1.4   Facebook impersonation scam (hijacked profile scam)

Facebook - everyone is talking about it these days, and the scandal about Cambridge Analytica firm harvesting personal data taken from millions of this social media channel without users’ consent. It’s still the most popular social media network where everyone is active and uses it on a daily basis to keep in touch with friends and colleagues. Unfortunately, it has become also the perfect place for online scammers to find their victims.

1.1.5   Online dating (romance) scams

As the Internet plays an important role in our social lives, with apps like Facebook or Instagram user can access it every day, it’s inevitable to use apps to look for love as well. A romance scam takes place on social dating networks such as Facebook, or by sending a simple email to the potential target, and affects thousands of victims from all over the world. Cyber criminals have abused this scamming method for years by using the online dating services. They improved their approach just by testing the potential victims’ reactions. According to a research published in the British Journal of Criminology, the techniques (and psychological methods) used by scammers in online romance scams are similar with those used in the domestic violence cases.

  ·  A woman lost £1.6 million after she met two conmen on a dating site

  ·  A Perth woman has lost $300,000 after falling in love with a fake Facebook profile

  ·  US woman lost her $50.000 life savings by becoming victim of a cyber-dating scam artist

1.1.6   Fake antivirus software

Sometimes we will receive a message on our screens: “You have been infected! Download anti-virus X right now to protect your computer!” Many of these pop-ups were very well created to look like legitimate messages that you might get from Windows or any other security product. If user is lucky, there is nothing more than an innocent hoax that will bother user by displaying unwanted pop-ups on user screen while you browse online. If user is not lucky, the system can end up getting infected with malware, such as a Trojan or a key logger. This kind of message could also come from one of the most dangerous ransom ware threats around, such as Crypto Locker, which is capable of blocking and encrypting your operating system and requesting you a sum of money in exchange for the decryption key.

1.1.7   Make money fast scams (Economic scams)

Cyber criminals will lure you into believing you can make money easy and fast on the internet. They’ll promise you non-existent jobs, including plans and methods of getting rich quickly. It is a quite simple and effective approach, because it addresses a basic need for money, especially when someone is in a difficult financial situation. This scamming method is similar to the romance scam mentioned above, where the cyber attackers address the emotional side of victims. The fraudulent posting of nonexistent jobs for a variety of positions is part of the online criminals’ arsenal.

1.1.8   Fake shopping websites

We all love shopping and it’s easier and more convenient to do it on the Internet with a few clicks. But for your online safety, be cautious about the sites you visit. There are thousands of websites out there that provide false information, and might redirect you to malicious links, giving hackers access to your most valuable data.

1.1.9   SMS Scaming (Smshing)

In the era of Internet, you can’t live without Smartphones as it essential for communication, online shopping, banking or any other online activity. Needless to say the amount of data we store on our personal devices which make them vulnerable to cyber criminals, always prepared to steal our online identities or empty our bank accounts. Smishing (using SMS text messages) is a similar technique to phishing, but, instead of sending emails, malicious hackers send text messages to their potential victims. The user will receive an urgent text message on smartphone with a link attached saying that it’s from bank and user need to access it in order to update your bank information, or other online banking information.

2.0   How to spot an online scam

As a user of internet, it is important to learn to recognize and spot an online scam a mile away, before you get suckered. Let's take a look at several signs of an Internet scam.

1.   Money.

Whether it is a lottery, prize, sweepstakes, phishing, or reshipping scam, money is always involved. They may say that you have won money that you have been left money, that your money is in danger, but the common element is money. This should be your biggest indicator that you might be looking at a scam.

2.   It Sounds Too Good to Be True.

This is definitely the case when it comes to online scams. Scammers play on the fact that many people would love to get rich quickly by learning how to make money with minimal effort or learn some money making secret that no one else knows about. Scammers dangle the carrot of easy money in order to distract you from their target: your personal and financial information.

3.   Urgent! ACT NOW! Don't Wait! Phishing scammers are notorious for creating a false sense of urgency and attempting to induce panic in order to circumvent their victim's rational thought processes. Scammers use false urgency to distract you from their true goal.

4.   The Power of Fear

Usually, scammers will use fear to manipulate by telling you that something is wrong with your account or your computer to scare you. Some scammers might even try to convince you that they are law enforcement and that you've committed a crime such as downloading pirated software. They will use your fear to trick you into paying a "fine" (called ransom ware) to make everything run smoothly, but it's nothing more than blackmail under false pretence.

5.   We Need Some of Your Personal Information What does every scammer want besides your money? They want your personal information so they can steal your identity to sell it to other crooks or use it themselves to obtain loans and credit cards in your name.

1.   Profile of Online Scammer

Most scammers choose victims that are older than they are, for example, so if someone who is significantly younger than you says that they’re interested, it could be cause for concern. Scammers also often list themselves as widowed (especially with a child), self-employed, or working overseas. They might also say that they live near you, but that they’re away; they could be in another country on a trip or for work, but they’ll almost certainly be somewhere far away where you can’t meet them. The photos used by scammers can also clue you in that something is off. If the scammer says they did like to get to know you, save a copy of their picture and use Google’s reverse image search to see if anyone has posted about that photo being used for a scam. If that image shows up on other profiles with different names, you should be suspicious. It’s possible that it’s someone looking for an affair on a dating site, but it could also be a scammer. If you receive other photos, and anything seems off, be wary.

2.   Communication

While there are online dating scammers from all over the world, a significant number of them come from non-English language countries, which means that sometimes there will be communicative markers that indicate your suitor isn’t who they say they are. If their profile says they’ve lived in Ohio their entire lives, but they’re using nonstandard English, or have notably poor grammar, that could be a warning sign (Nigerian scam email). This can become especially evident in an email conversation or on the phone, where they need to spontaneously come up with things to say. This is difficult for non-native speakers. Obviously, there are plenty of non-native speakers out there who are sincerely looking for a relationship, and they could very well be from heritage speaking communities in the United State or Britain. This isn’t a dead giveaway, but it’s something to watch out for.

3.   Not Being Able To Meet

Most of the scammers will avoid face-to-face meetings even they live near you, they’ll say they’re out of town and won’t be able to meet. They might even set up a time to meet and then say they were held up by something else. Of course, some people are just shy or are nervous about meeting people that they’ve met online. This might be possible that they’re trying to avoid getting caught by a spouse. However, repeated excuses at the last minute are a definite warning sign. Some scammers will use similar excuses for avoiding phone conversations, though many will talk to you on the phone before reeling you in for the scam.

4.   Asking For Financial Information or Money

Normally the person you’re talking to will not ask you for money or financial details such as your bank account, credit cards, how much you have in savings. This is a big warning sign that you’re talking to a scammer. The most common reasons scammers needing money are not being able to afford a passport, visa, other travel documents, or plane tickets meet you; an emergency stay in the hospital that requires a huge sum of money; getting robbed while traveling; or not being able to access their money from abroad. There’s a huge variety of reasons that you could get as scammers are asking you for money at all.

5.   Trust your Instinct

Sometimes, you can spot an online dating scammer by trusting your instincts. If there is something looks off, be extra wary. It all seems obvious in hindsight, but people want to believe in other people, and that can get in the way of our better judgment. Always be on the lookout, and be extra wary when you meet new people online. If you have suspicions, don’t ignore them. Taking these precautions can help save your money and even more heartbreak.

1.   Unclear Refund and Shipping Policy

A trustworthy retailer will tell you how and where to return a product you're unhappy with. Fake websites, on the other hand, will often have refund policies that are difficult to understand, hard to find or non-existent. If you can't find the policy, try contacting the company to ask them directly. Stay away if you get a vague answer. Also, if they're shipping the product, they should give you an idea of when it will arrive. Be aware that the Federal Trade Commission requires sellers to ship items within 30 days of the order if no specific date is promised.

2.   Poor Reviews

Of course, bad reviews from other users are one of the biggest signs that a website is fraudulent. Type the company's name and "scam" into Google and see if there are any complaints about the site. Also, you can check the Better Business Bureau for reviews or use their Scam Tracker tool to see if others have reported the site.

3.   Shady Contact Information

Trusted retailers typically use their company name or the site's domain name in their email address. If the contact email given is a yahoo email address, or if there's simply a form to fill out on the page instead of an address or phone number, watch out. Try calling the number if you suspect something isn't right. If you don't get an answer during normal business hours or the number isn't in service, the site probably isn't legitimate.

4.   You Can't Pay With a Credit or Debit Card

Beware if the seller is requiring you to pay by money order, bitcoin, cash, or wire transfer. Reputable sites will almost always allow you to pay with secure methods, such as credit cards, debit cards or PayPal. With methods such as wire transfers, you have little recourse to get your money back. Also, go elsewhere if a site ever asks you for information that seems too personal or unnecessary for the transaction, such as your Social Security number.

☀☀☀ Way to avoid online scam

1.   Never give out your credit card or personal information to anyone.

User should contact any related bank at the number on latest statement, never use a number found in an email, or on a website that user were directed to by an email. Avoid giving out your social security number to anyone online. You should also avoid providing any personal information in response to an unsolicited email or a pop-up message.

2.   Ignore advertisements that appear “too good to be true.”

We all know the old saying "If it sounds too good to be true, then it probably is". This is definitely the case when it comes to online scams. Scammers play on the fact that many people would love to get rich quickly by learning how to make money with minimal effort or learn some money making secret that no one else knows about. Thus, as a user of internet, he or she must avoid to trust on that fake advertisement.

3.   Always investigate an email before acting on its content.

As a user, it is important to take time and check the Internet for keywords used in the email to see if it might be a known scam. If the email claims to be from the bank, call the customer service number on the last statement you received in the mail and NOT the one number you found in the email. If someone online ever threatens physical harm to you or your family's personal safety, you should contact your local law enforcement agency as soon as possible.

4.   Use antivirus protection for your PC

Sometimes the scammers won't ask you for personal information but will ask you to install software on your computer. This software is usually malware, disguised as something else. The most frequent tip on how to be safe online is to use a good antivirus to enhance your online protection with a specialized security product against financial malware, and complement your traditional antivirus program. Also, make sure you do not click on pop-up windows that annoyingly warn you’ve been infected with virus. Remember to always apply the existing updates for your software products, and install only legitimate software programs from verified websites.

5.   Don’t keep too much information on your smartphone

These days, everybody stores a lot of important personal information on their phone, and most of us rarely take the time to secure them. Most of the users shopping online using their smartphone, but this carry its own risks. Fake online shops can infect your smartphone with malware, and then have access to information such as phone numbers, notes, photos, and even app contents. Try to avoid save your detail of financial information in your smart phone.

6.   Look for Trust Seals

When a company or organization makes a substantial investment in their customers’ security, they typically want a little bit of credit for it. That’s one of several reasons that trust seals exist. You’ve probably seen more than a few trust seals in your time on the internet. Trust seals are commonly placed on homepages, login pages, and checkout pages.

What to do if you are a victim of any online scams:

☑   Try to recover sent money

Any monies sent are usually lost forever and the victim just has to chock it up to a hard lesson learned. If they sent personally identifiable information (such as credit card or bank account numbers), they should take steps to prevent more fraud. So far the victims had unsuccessfully recovered their monies.

☑   Get fake profiles shut down

Report any confirmed fake identities to the websites and email companies that were involved. With dating scams so popular, the process is usually automated. Go to the social media site, and look for a Report Fake Profile button, and the rest happens automatically.

☑   Change Passwords

If you’ve clicked the wrong link or provided personal information in response to a phishing scam, change your passwords immediately. This goes for email and all accounts, including bank accounts and PIN numbers. Create strong, complicated, new passwords that feature a confusing slew of numbers and symbols. Such passwords are much, much harder to break.

☑   Contact Credit Card Companies

Alert credit card companies and explain the situation. Your credit cards might not have been used yet, but if you feel unauthorized charges are in your future, it’s essential to freeze or cancel your cards. Let your bank know what happened so they can further protect your credit line.

☑   Contact Relevant Authorities or Enforcing Agencies

Lodge complaints to MCMC’s Consumer Complaints Bureau by providing detailed information and supporting documents about the reported content. A copy of emails/letters sent to the website owner/moderator/administrator or other enforcement agencies should also be included. You can lodge complaints through ttp:// any complaint channel provided by MCMC. MCMC will investigate the complaint and assist to solve issues face.

Report(s) may also lodge to relevant authorities like PDRM, KPDNKK, BNM and other related enforcement agencies.


There are still many people in Malaysia who believe in and are falling victims to financial frauds even though lots information as well as their modus operandi have been disseminated and exposed. The Malaysians are still lacking of awareness with the issues and many do not see the danger that online scams could pose and affected their lives. Remember; be wary when it comes to money and also your personal information. Don’t fall for anything that sounds too good to be true as fraudsters usually, try to tap into victims who are greedy or gullible. If you want to invest, do know that if it promises high and fast returns, it’s highly likely a scam. Though not all people are victims to online scams, yet they are still at risk. Crimes by computer vary, and they don’t always occur behind the computer, but they executed by computer. The hacker could live three continents away from its victim, and they wouldn’t even know they were being hacked. Crimes done behind the computer are the 21st century’s problem. With the technology increasing, criminals don’t have to rob banks, nor do they have to be outside in order to commit any crimes. They have everything they need on their lap. Their weapons aren’t guns anymore; they attack with mouse cursors and passwords. Online scams are real do not threat them lightly. Educate yourself with scams updated news and issues. Read testimonies by the victims themselves and learn from their stories. Do not add yourself to the statistics. Protect yourself online.
















Back to Articles Archive