Scammers continue to target CIMB customers, using many different kinds of fake SMS messages.
Do NOT click or call if you receive any of these fake SMS messages!
And please warn your family and friends!
Scam Alert : CIMB Customers Hit By Fake SMS Messages!
Whether you are a CIMB Bank customer or not, you may receive one of these alarming SMS messages :
RM 0.00 CIMB: Confidential!
Dear CIMB users, your account will TERMINATED on 24/12/20. Verify via http://www.cimbclickikm.cc to keep on using CIMB Clicks services.
Please make verification within 24hours to avoid service interruption.
RM0 CIMB: Instant Transfer RM4998.78 to CHAY LEE FEN/HONG LEONG on 23-Dec-2020, 13:06:35. Call the no. at the back of your card for queries.
If you receive any of these SMS messages, please DO NOT click on the link, or call the number. JUST IGNORE THEM, or delete them.
RM0.00 CIMB: MYR 2968.00 was charged on your card num 4204 at Shopee.MY. If this is not your txn, call 1800-9767 now.
Cimb Your account is judged as high risk by the system, PLS re-verify your account. cimbclicksecurity.com
Note : These scams do not just affect CIMB Bank. In fact, all banks are affected :
- Scam Warning : Public Bank Customers Hit By Fake SMS!
- THREE Fake CIMB Bank Call + SMS Scams!
- Watch Out For The Alliance Bank & CIMB Phone Scam!
- Watch Out For This Maybank Personal Loan Scam!
Why These CIMB SMS Messages Are Fake
Let us show you how to identify these fake CIMB SMS messages.
If you spot any of these warning signs, BACK OFF and DO NOT PROCEED!
Warning Sign #1 : Grammatical Mistakes
If you carefully read the first SMS messages above, you can easily spot numerous grammatical mistakes. A bank will never send such poorly worded messages to their customers.
However, they may copy the real SMS message from CIMB to trick you into thinking that this is a real transaction. Such fake SMS messages will have proper grammar.
Warning Sign #2 : Embedded Links
Banks will NEVER embed links (URLs) into the message. If you see embedded links, always think – SCAM SMS!
Unlike the Public Bank SMS scam, they used a copy of the real SMS message to trick you into clicking the URL in the first message.
Warning Sign #3 : Wrong Links
And always check the link – www.cimbclickikm.cc and cimbclicksecurity.com are not the correct addresses for the CIMB Bank websites (www.cimbclicks.com.my or www.cimb.com.my).
The best policy is to manually key in the bank website address. NEVER click on any link in an SMS, even if it looks legit.
When you see any website with .cc links, be wary because the .CC domains are registered in the Cocos (Keeling) Islands – an Australian territory of only 14 km², with only about 600 inhabitants.
Warning Sign #4 : No Personal Login Phrase / Picture
To avoid phishing attacks, banks now give you a secret response (like a picture or a phrase) to confirm that you are visiting their legitimate website.
If the website you are visiting gives you the wrong picture or secret phrase, you have been tricked into visiting a fake website designed to mimic the real bank website.
You should also remember that the bank website must show you secret picture or phrase right after you enter your login, but BEFORE you key in your password.
If you are asked to key in your password without the website displaying the secret phrase or picture, you have been tricked into visiting a fake website designed to mimic the real bank website.
CIMB Advice To Protect Against Fake SMS / Email Scams
Here is a list of DOs and DON’Ts to protect yourself against fake SMS / email scams.
Please DO follow these good practices
- Pay attention to your transaction alerts and check your account activities regularly. In case of any unusual activity, please contact us immediately.
- If you wish to contact us, ONLY call the number on the back of your card or refer to CIMB website “Contact Us” page.
- Always check the URL of the website that you are making purchases from. Ensure the “lock” icon or “https” appears on the website’s address bar.
- Always find a reputable seller on online marketplaces by searching for reviews from other customers to know their experience.
- To access CIMB Clicks, type the entire URL as follows: www.cimbclicks.com.my
- Always remember to log out once you have completed your banking transactions.
Please DO NOT follow these bad practices
- Don’t panic and give personal information to fraudsters impersonating representatives of government agencies etc. even if they deploy fear tactics. Immediately call the number on the back of your card to verify with CIMB.
- Never apply for personal financing through unverified links or individuals promising a lower rate. CIMB does not impose any application charges for personal financing applications.
- Never take instructions from anyone to change the mobile number in CIMB records to any number other than your own mobile number.
- When transacting online, never continue with a purchase if you have any doubts if the seller is not genuine.
- Never share details such as your card number / User ID / PIN / password / TAC with anyone or key them in in any website other than CIMB Clicks.
(Note: CIMB will never ask for your ‘User ID’, ‘Password’ or ‘TAC’ under any circumstances outside of CIMB Clicks). - Do not click on links or open email attachments from unknown / unreliable senders / sources.
(Note: Emails from CIMB will always end with @cimb.com such as [email protected])
Recommended Reading
- Interstate Travel Now Limited To 3 Situations Only!
- Scam Warning : Public Bank Customers Hit By Fake SMS!
- Dr. Zhong Nanshan : How To Build Immunity Against COVID?
- COVID-19 Vaccine Breakthrough : What You Need To Know!
- Public Bank Segambut Closed After COVID-19 Case!
- Malaysia COVID-19 Vaccine Plan : 14 April 2021 Edition!
- Fact Check : Buka Puasa Picnic Allowed In Putrajaya?
- The Shyama Nair Petition To Stop Sinovac Vaccine Use
- No More Dimsum : Why It Lasted Less Than 5 Years!
- CanSino COVID-19 Vaccine : What You Need To Know!
- Scammer vs Scalper : Five RTX 30 Series Cards Gone!
- Fact Check : China’s Guidelines For Sinovac Vaccine?
- Chinese Vaccine Efficacy Not High? What Are The Facts?
- COVID-19 Vaccination : How To Check Your Appointment?
- China : Was COVID-19 Created In Fort Detrick Bio Lab?
- Did US Supreme Court Overturn Universal Vaccination?
- China Used Hot Drinks + Steam To Kill COVID-19?
- Fact Check : G64 COVID-19 Strain From India + Egypt?
- Employee Used Fake COVID-19 Test To Skip Work!
- Scam Alert : Fake DON DON DONKI Giveaway!
- Is It Wrong To Laminate Official Documents?
- US Tax : How Much YouTube Income Will You Lose?
Go Back To > Cybersecurity | Business | Home
Support Tech ARP!
If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!