Tag Archives: Cyberthreats

Is WEF Planning Cyber Attack To Disrupt 2024 Election?!

Is the WEF planning to launch a ‘false flag’ cyber attack to disrupt the 2024 US Presidential election?! Take a look at the viral claim, and find out what the facts really are!

 

Claim : WEF Plans Cyber Attack To Disrupt 2024 Election!

People are sharing an article (archive) by The People’s Voice (formerly NewsPunch), which claimed or suggested that the World Economic Forum (WEF) is planning to launch a ‘false flag’ cyber attack to disrupt the 2024 US Presidential election!

WEF Insider: Imminent ‘False Flag’ Cyber Attack Will Disrupt 2024 Election

Recommended : WEF ordered electors to not certify Trump’s 2024 election win?!

 

No Evidence WEF Plans Cyber Attack To Disrupt 2024 Election!

This is yet another example of fake news created / promoted by The People’s Voice, and here are the reasons why…

Fact #1 : No Evidence WEF Plans Cyber Attack To Disrupt 2024 Election!

Let me start by pointing out that there is no evidence of the World Economic Forum (WEF) plans to launch a cyber attack to disrupt the 2024 President election.

If a WEF insider did indeed reveal such a plan, it would have gone viral, and it would have been condemned by everyone from the left to the right. The FBI and US Department of Homeland Security would also have launched criminal investigations.

Yet, there was no such report by the mainstream media, and no social media outrage. Heck, even right-wing American websites did not so much as squeak about a juicy WEF plot to launch a cyber attack against the United States???

That’s because that never happened. The People’s Voice article, unsurprisingly, offered no evidence to back up its “fact checked” claim.

Fact #2 : Voters Don’t Use Ballot Tabulators

The People’s Voice article claimed that South Carolina primary voters were “reportedly unable to vote due to ballot tabulators being unable to connect to the internet [sic]”.

Well, I could find no report of South Carolina primary voters not being able to vote because ballot tabulators were unable to connect to the Internet. That’s probably because no voter ever uses ballot tabulators to cast their vote.

Ballot tabulators are machines used to scan and count ballots, and are never used by voters to cast their votes! So how would any ballot tabulator failure prevent voters from casting their votes?

Unsurprisingly, The People’s Voice article offered no evidence of such ballot tabulator failure, or that South Carolina voters were prevented from voting in its 2024 Presidential primary elections.

Recommended : Biden hired Bill Gates to flood Internet with AI censorship bots?!

Fact #3 : South Carolina Voting System Isn’t Connected To Internet

According to the South Carolina Election Commission, the South Carolina voting system is never connected to the Internet.

In fact, the ballot marking devices (BMD), ballot scanners, and computers used to tabulate the votes, are not even capable of being connected to the Internet!

Is the voting system connected to the Internet?

No, the voting system is never connected to the internet. Computers used to tabulate votes, BMDs, and ballot scanners used in South Carolina are not even capable of being connected to the Internet.

Needless to say, The People’s Voice article provided no evidence that ballot tabulators used in South Carolina were even capable of being connected to the Internet, never mind requiring it to work!

Fact #4 : WEF Screenshot Is Fake

The cover image used by The People’s Voice article and video has a screenshot which purportedly shows the World Economic Forum (WEF) posting on X (formerly Twitter) that:

The coming cyber attack will allow a New World Order to emerge.

That is most definitely a fake screenshot, because there is no such post on X by the World Economic Forum. And it’s a really silly creation too – why would the WEF reveal its nefarious cyber attack plan publicly?

Yet again, The People’s Voice article provided no evidence that such a post ever existed! In fact, it would not need some “WEF insider” to spill the beans when the WEF itself already publicly revealed its cyber attack plan!

Recommended : Did EU Legalise Child Porn As WEF Pedophilia Agenda?!

Fact #5 : The People’s Voice Is Known For Fake News

The People’s Voice is the current name for NewsPunch, which possibly changed its name because its brand has been so thoroughly discredited after posting numerous shocking but fake stories.

Founded as Your News Wire in 2014, it was rebranded as NewsPunch in November 2018, before becoming The People’s Voice. A 2017 BuzzFeed report identified NewsPunch as the second-largest source of popular fake news on Facebook that year.

Its articles have been regularly debunked as fake news, so you should never share anything from NewsPunch / The People’s Voice.  Here are some of its fake stories that I fact checked earlier:

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | PoliticsTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

How Antivaxxers Create Fake News Using VAERS!

Like the British Yellow Card system, VAERS has long been used by antivaxxers to create fake news about vaccines.

Find out why VAERS is so important to doctors, and yet so easily abused by antivaxxers!

Updated @ 2024-01-07 : Refreshed article for new slew of VAERS-based “reports”
Originally posted @ 2021-09-03

 

VAERS : What Is It?

VAERS is an acronym for the Vaccine Adverse Event Reporting System used by the US government.

Like the British Yellow Card system, it is a passive reporting system that relies on individuals to submit reports of their adverse reactions to vaccines.

This open design used by both VAERS and Yellow Card lets scientists catch very rare adverse effects that even large clinical trials may not catch.

For example, anaphylactic reactions to the Pfizer and Moderna vaccines are so rare, they didn’t show up in their large Phase 3 clinical trials at all. They were only identified through VAERS after mass vaccinations started.

Recommended : Did Hackers Release Pfizer + Moderna Vaccine Death Data?!

 

Here’s How Antivaxxers Create Fake News Using VAERS!

Both the American VAERS and the British Yellow Card system suffer from the same problem – their open catch-all design lets ANYONE file a report.

Not just parents and patients, but also any Tom, Dick or Harry with nothing better to do. And you don’t even have to ever been to the United States to file a report!

This allows antivaxxers to abuse both the VAERS and Yellow Card systems to create fake news about vaccines.

Back in 2004, James Laidler famously filed an adverse reaction report into VAERS, claiming that his annual influenza vaccine turned him into the Incredible Hulk!

Incredibly, the CDC had to ask for his permission to remove the fake report. Otherwise, it would remain in the database forever!

Recommended : Were COVID-19 Vaccines Recalled After 40K Deaths?!

More recently, anti-vaccination websites have been using VAERS and Yellow Card reports to fabricate fake news that vaccines are killing people.

The CDC is well-aware of this problem, which is why they explicitly pointed out to everyone that :

  • Reports may include incomplete, inaccurate, coincidental and unverified information.
  • The number of reports alone cannot be interpreted or used to reach conclusions about the existence, severity, frequency, or rates of problems associated with vaccines.

So the next time you read an article claiming that VAERS or the Yellow Card system are reporting injuries and deaths from this or that vaccine, take them with a BIG, BIG PINCH of salt. None of those reports are verified.

 

VAERS : Anyone Can File A Fake Report!

To demonstrate this point, here is a fake report I attempted to file into VAERS, with the following information :

First Name : Donkey
Last Name : Kong
Street Address : Rolling Barrel Avenue
City : Jungle
County : Donkey
Date Of Birth : 1 January 1908
Age : 113 Years Old
Race : 1% white, 2% black, 3% Asian, 4% Latin, 90% alien

Date of Vaccination : 31 May 2021, 1:00 AM
Date of Adverse Event : 31 May 2021, 1:01 AM
Facility / Clinic Name : Jungle Clinic
Facility / Clinic Address : Jungle Clearing, Jungle

Recommended : Did Bill Gates Call For COVID-19 Vaccine Withdrawal?!

Vaccine : COVID19 (Pfizer-BioNTech)
Lot Number : 1110654
Dose Number : 6 (it actually only has 2 doses)

Description of Adverse Event(s)

I asked to be jabbed in my left arm, the doctor insisted right arm is better because right is right, no?

After the jab, I went back and on the way back, two young punks pulled up in their fancy Mercedes at the traffic light.

I challenged them to a race in my Mustang, and midway, they clipped me and sent me flying through the walls of the Grand National Bank.

As a result, I suffered two broken legs and my right arm was ripped off.

I’m absolutely confident that my driving skills were impaired by the vaccine, and it also made my right arm easy to tear off.

Recommended : COVID vaccines have 1000X death rate than safe limit?!

Medical tests and lab results

The doctors at AdventHealth Orlando have all my medical reports and my right arm.

Days hospitalised : 300
Life threatening illness : Yes
Disability or permanent damage : Yes
Congenital anomaly or birth defect : Yes

Other Vaccine : Bullshit Vaccine
Manufacturer : Google
Adverse Event From That Vaccine : My penis fell off after getting the MMR vaccine

I did not hit Submit though, because I did not want to add another fake adverse event to the holster of anti-vaccination advocates.

But take a look at the screenshots, and see just how easy it is for anyone to make a fake VAERS report. There is no need to verify any personal details, and you can do this from anywhere in the world!

Recommended : Are Residual DNA In mRNA Vaccines Dangerous?!

But as you can now see – it is very easy to abuse VAERS. With enough time and persistence, you can file all kinds of fake reports on VAERS, and use those reports to push your narrative.

That’s why responsible people do not use unverified VAERS reports. You should always be wary of anyone who makes a claim based on VAERS reports.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

Don’t forget to protect yourself, and your family, by vaccinating against COVID-19!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Health | Fact Check | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can You Get Free Cash Via MyKasih App?!

Is the MyKasih Foundation giving out RM1000 or RM1200 cash aid via its mobile app?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Get Free Cash Via MyKasih App!

Many people are getting messages about getting free cash through the MyKasih Foundation on WhatsApp and Telegram, from their family members and friends:

Terkini: Bantuan Percuma RM1000 Ke Dalam MyKad : Rujuk Cara Semakan & Syarat Kelayakan

Latest: Free RM1000 Assistance Into MyKad : How To Check & Eligibility Conditions

Jom claim RM1200

MyKasih Foundation : Cek MyKad Boleh Dapat Wang RM1000 Secara Percuma

MyKasih Foundation : Check MyKad To Get Free RM1000

Bantuan Tambahan STR 2023 MySARA RM800: Semakan Status & Tarikh Bayaran

Additional STR 2023 MySARA Assistance RM800: Check Status & Payment Date

Recommended : WhatsApp Block Button Scam : What You Need To Know!

 

Truth : MyKasih Free Cash App Is A Scam!

This is yet another example of SCAMS circulating on WhatsApp and Telegram, and here are reasons why…

Fact #1 : MyKasih Free Cash Initiative Is A Scam!

First, let me just point out that these messages on WhatsApp and Telegram, as well as the websites promoting the MyKasih free cash initiative is a scam!

The Malaysian government have already labelled these free cash offers as FAKE NEWS on Facebook and Twitter. Here is a non-exhaustive list of links that have been identified as scam links:

my.mykasihh.online

l.my-kasihapp.com

apps-mykasih.co/twe

There’s no need to memorise these links. These scammers will keep changing them.

Just know that the official MyKasih website is www.mykasih.com.my. Do NOT go to any other website when it comes to the MyKasih Foundation website.

Fact #2 : Those Accounts Were Hijacked

Those viral messages are actually coming from WhatsApp and Telegram accounts that have been hijacked by scammers. That’s why they are so convincing.

Those are really the actual WhatsApp and Telegram accounts of your family members or friends. But they have been taken over by scammers using tricks like the screenshot hack.

Take this opportunity to tighten the security of your own Telegram and WhatsApp accounts, by turning on two-step verification!

Recommended : Can StopNCII Remove All Nude / Deep Fake Photos?!

Fact #3 : SARA Cash Aid Is Only RM600

As part of its initiative to help the hardcore poor handle the high inflation this year, the Malaysia Ministry of Finance announced SARA (Sumbangan Asas Rahmah).

However, the SARA cash aid is only RM600, and limited to the hardcore poor. There is no way for anyone to get RM800, RM1000 or RM1,200 in SARA cash aid from the government.

RM100 x 6 months is credited directly into the MyKad of eligible hardcore poor, allowing them to purchase a limited list of essential goods from grocery stores and supermarkets across Malaysia, from July to December 2023.

In Sabah and Sarawak, the RM600 is credited directly into the bank account, or provided as cash through Bank Simpanan Nasional branches.

Fact #4 : SARA Recipients Are Automatically Selected

There is no need to apply for SARA cash aid. For one thing – it only applies to the hardcore poor. If you are reading this on a computer or a smartphone, you very likely do not qualify as “hardcore poor”.

SARA recipients are automatically determined using the existing eKasih Hardcore Poor data, and includes those who had earlier qualified for the STR 2023 cash aid.

Fact #5 : Real Website Asks Only For Your MyKad

Qualification for the SARA cash aid of RM600 is based entirely on your MyKad number.

On the official Sumbangan Asas Rahmah (SARA) website, you can check for your eligibility using your MyKad number only.

The fake websites look just like the real SARA website, but instead of asking for your MyKad number, they will ask you for your mobile number and ask you to submit a TAC number.

Needless to say – these are scam websites. You should NEVER submit your phone number or any TAC codes.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Is It Dangerous To Exit WhatsApp Exit Scam Groups?!

Is it dangerous to exit WhatsApp scam groups? Or quitting such scam groups on WhatsApp cause your phone to be hacked?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : It Is Dangerous To Exit WhatsApp Scam Groups!

People are sharing this warning about quitting WhatsApp scam groups using the Exit Group link option! Take a look!

Here’s another Scam chat group. DO NOT CLICK ON ITS EXIT GROUP BUTTON to exit, instead go to your top right 3dots and click on exit group or report.

Clicking on the group’s exit button might have dire consequences..

Recommended : WhatsApp Block Button Scam : What You Need To Know!

 

Truth : It’s Not Dangerous To Exit WhatsApp Scam Groups!

This viral warning was likely created by well-meaning but clueless Internet “experts” who are apparently not tech-savvy enough to understand what’s going on.

Fact #1 : No Evidence Of WhatsApp Exit Group Hacking

First, let me just point out that there is no evidence that anyone was ever hacked after using the Exit Group link to get out of any WhatsApp group, whether they are scam groups or otherwise.

Even if an enterprising hacker / scammer was able to create a message with a fake Exit Group button that downloads an APK (Android Package Kit) file, it won’t automatically install that file. You will need to manually install the APK file from the Downloads folder.

Those who know how to do that would be tech-savvy enough to avoid installing APK files from unknown sources. Those who don’t know how to do that would not be able to install the downloaded APK file.

Fact #2 : WhatsApp Exit Group Option Is Genuine

The truth is – the Exit Group link that you may see in new messages from strangers is not a scam or a trick. It also does not download or install any APK file.

The Exit Group link is actually a safety feature in WhatsApp, that appears if you have been added to a WhatsApp group by someone who is not in your contact list – like a scammer, for example.

Once you open the new group you have been added to, WhatsApp warns you that you were added by someone who isn’t a contact. You are then given the option to exit the group, or click OK to continue.

There is really nothing malicious about this Exit group link in WhatsApp. Clicking on it to exit any WhatsApp group won’t harm you in any way, or cause your phone to be hacked.

Recommended : Can Israel Seismic Wave Card Hack Your Phone?!

Fact #3 : Older Exit Group Methods Still Work

The WhatsApp Exit group link offers an easy way to quickly remove yourself from a group you don’t want to be in. However, the older exit group methods still work, in case you prefer to use them:

Exit Group Only

  1. Go into the group chat you wish to leave.
  2. Tap on the kebab menu / vertical ellipsis (⋮) icon on the upper right corner.
  3. Select MoreExit group.

An even better option is to actually report the scam group, while quitting it and removing the chat at the same time.

Report + Exit Group Only

  1. Go into the group chat you wish to leave.
  2. Tap on the kebab menu / vertical ellipsis (⋮) icon on the upper right corner.
  3. Select More > Report
  4. Make sure the Exit group and delete chat option is checked.
  5. Tap Report to report and quit from the group, and delete the chat.

Fact #4 : WhatsApp + Telegram Scam Groups Are Real

Before I leave, I just want to remind all of you that there are many scam groups on WhatsApp and Telegram.

If you are added to any of these scam groups, just exit them without a thought. Do not read anything posted in these scam groups, lest you fall for the scam!

That’s why scammers often try to convince you to check out the group first, and “don’t rush to leave the group”:

Hello everyone! Please don’t rush to leave the group, thank you all for taking the time to read this message!

Ignore whatever they post in those scam groups. Hit the Exit group link, or better still – REPORT the group to WhatsApp / Telegram!

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

WithSecure Signs Partnership Agreement With LGMS!

Finland’s WithSecure Corporation just signed a partnership agreement with LGMS Berhad to develop cybersecurity solutions for the SME market in Malaysia!

 

WithSecure Signs Partnership Agreement With LGMS

On Wednesday, 1 November 2023, Finland’s WithSecure Corporation (formerly known as F-Secure Business) signed a partnership agreement with LGMS Berhad (LGMS) to develop cybersecurity solutions for the SME market in Malaysia!

The partnership agreement was signed by LGMS Executive Chairman Fong Choong Fook and WithSecure Corporation CEO Juhani Hintikka, who flew in from Finland to emphasise its importance while demonstrating support for the progress of Malaysia’s Digital Economy.

The signing was witnessed by Malaysia Deputy Communications and Digital Minister Teo Nie Ching, together with His Excellency Sami Leino, Ambassador of Finland to Malaysia and Brunei.

Recommended : WithSecure Takes Offensive Security Approach To Cloud Threats!

The Deputy Minister said that the partnership was ‘timely’, and represents a ‘significant leap’ towards a secured Digital Economy, and more so ahead of the National Cybersecurity Bill the Unity Government is set to unveil in early-2024.

This partnership is also aligned with the government’s ‘Ekonomi Madani’ vision of attracting significant foreign direct investments and generating avenues for technological advancements and innovations.

It serves to demonstrate how collaborative efforts can facilitate a robust, secure and prosperous digital ecosystem, thereby solidifying Malaysia’s position as a preferred destination for global tech investments.

The partnership agreement today between LGMS and WithSecure embodies a philosophy of attracting significant foreign direct investments and generating avenues for technological advancements and innovations.

It serves to demonstrate how collaborative efforts can facilitate a robust, secure and prosperous digital ecosystem, thereby solidifying Malaysia’s position as a preferred destination for global tech investments.

– Malaysia Deputy Communications and Digital Minister Teo Nie Ching

WithSecure CEO Juhani Hintikka expressed his ‘deepest appreciation’ to the Deputy Minister for endorsing this partnership, stating, “Your presence significantly amplifies the resonance of this initiative, showcasing a unified front in our endeavour to foster a secure and prosperous Digital Economy for Malaysia and also the region.

Recommended : How WithSecure Offensive Security Drives Business Resilience!

 

WithSecure – LGMS Partnership Agreement Details

WithSecure is today a leading international cybersecurity group which had also invested significantly in Malaysia and in nurturing local talent. Besides its headquarters in Helsinki, Finland, WithSecure houses its intelligence, customer support, business operations and shared services in Kuala Lumpur for its Asia-Pacific operations.

LGMS Berhad, meanwhile, has been recognised as Cybersecurity Malaysia’s ‘Company of the Year’ with Fong himself being acknowledged as ‘Cybersecurity Professional of the Year’.

Fong said that, within today’s Digital Economy, cyberthreats and ransomware attacks have become more sophisticated and rampant and potential damages to SMEs, who often lack the necessary IT expertise and resources, can be catastrophic.

Most SMEs today are just one cyber attack away from a devastating setback or even closure. Recognising that most SMEs might not possess advanced IT know-how, our collaboration with WithSecure aims to deliver cybersecurity solutions that are not only robust but also intuitive and user-friendly.

The purpose is to empower our SME community to navigate the digital landscape confidently and securely.

– LGMS Executive Chairman Fong Choong Fook

This localised cybersecurity approach underscores WithSecure’s understanding of the region’s unique digital ecosystem and our commitment to crafting solutions that align with local business needs. It embodies WithSecure’s ethos of merging global cybersecurity expertise with local insights to foster a safer digital realm.

– WithSecure Corporation CEO Juhani Hintikka

One product of this partnership is the ‘Made in Malaysia’ StarSentry solution – a plug-and-play model that is more than just a ‘shield’ for SMEs but offers a proactive approach to threat prevention.

This solution is also aligned with broader sustainability goal and embraces the ESG framework of safeguarding critical infrastructures, nurturing a secure digital community and reinforcing stringent governance standards, demonstrating an unwavering commitment to responsible, transparent business operations.

Pre-orders for the solution can already be made.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Bank Letter QR Code Scam : What You Need To Know!

Are scammers sending bank letters with a QR code that can steal your money?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Bank Letter With QR Code Is A Scam!

People are sharing a photo of a letter from a bank, claiming that the QR code in the letter can steal your money if you scan it with your phone!

Circulating In WhatsApp : If you get a letter from the bank like this and ask to update the book using the QR CODE provided in the letter that was sent, don’t ever scan it, you will lose all your daily savings or old age savings, this is another scammer’s work and method take your money, please spread it to everyone so that siblings, relatives, neighbors & family members are not affected by this kind of scam…

Peng Seong, the one : ⛔️ Another Scam ‼️

Do NOT scan the QR code per the letter even with bank’s letterhead without verifying with the bank

Recommended : WhatsApp Block Button Scam : What You Need To Know!

 

Truth : Bank Letter With QR Code Is Not A Scam!

This is likely another example of FAKE NEWS circulating on WhatsApp and social media platforms, and here are reasons why…

Fact #1 : This Is Old Fake News

First, let me just point out that this photo is not new. It first went viral, with a voice message in August 2022, and has subsequently gone viral on and off over the last year or so.

Fact #2 : CIMB Letter Was Genuine

The letter, which was sent by CIMB, is genuine. CIMB even posted a reply to one viral tweet, that the letter was genuine:

FYI, this [letter] is genuinely from our bank. You can refer to the link below for more information: [link no longer available]

[U]ntuk makluman, ia adalah sah dari pihak kami. Anda boleh rujuk pautan di bawah bagi maklumat lanjut: [link no longer available]

Fact #3 : CIMB Letter Was Only Sent To Business Customers

The letter was not meant for consumers, and was only sent to CIMB business customers, to request that they update their company/organisation’s information.

Re: Update on your records to improve your banking experience

We refer to the above mattes and our letter dated 27/06/2022.

We note that you have vet to update your company/organisations information with us.

As part of the Bank’s ongoing process to know our customers better and provide a seamless banking experience, we would like to remind you to return the completed Customer Information Update form to us

This letter appears to be CIMB’s efforts to comply with KYC (Know Your Customer) requirements set out by regulators like Bank Negara Malaysia (BNM).

Recommended : Can StopNCII Remove All Nude / Deep Fake Photos?!

Fact #4 : QR Code Leads To CIMB Website

QR codes is a type of barcode, which allows people and companies to share / deliver information, that can include links. QR codes can lead you to malicious websites, but they cannot deliver malware, or hack your computer or smartphone.

The QR code in the CIMB bank letter isn’t malicious. It actually codes for a link to the CIMB website. You can verify it by simply scanning the QR code in that “CIMB scam letter”. You will see that it only leads to http://www.cimb.com.my/bizupdate [which no longer exists]

Ultimately, this viral warning was likely created by well-meaning but clueless Internet “experts” who are apparently not tech-savvy enough to even verify the QR code by simply scanning it!

Fact #5 : Form Was To Be Emailed / Delivered

The CIMB letter asked its business customers to download and fill in a form. However, that form was not to be submitted online.

Rather, the letter specifically asked its business customers to email the completed form to a legitimate CIMB email address, or to physically mail or courier it to the bank itself.

Scan the QR Code below to download the form. Once you have completed the form, please submit by email to cimb_updates@cimb.com or mail/courier to the address below within 21 days from the date of this letter, failing which, the Bank reserves the right to suspend or close the account in accordance with the account terms and conditions.

In a real scam, you will be asked to taken to a fake CIMB bank website, and asked to logged into your bank account. That’s how the scammer gets hold of your bank login credentials.

However, even that scam won’t work without access to your TAC (Transaction Authorisation Code), which is sent to your phone by SMS, or authenticated through the bank’s mobile app.

For certain, scammers cannot log into your bank account by simply gaining your company’s information through a form, unless you actually include your company’s bank account login details!

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

PayNow PDF Malware Scam : What You Need To Know!

Is there a new malware scam involving a PayNow PDF?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : WhatsApp Block Button Is A Scam!

People are sharing this warning about a new malware scam involving a PayNow PDF. Take a look!

I just received below the latest and new scams Modus Operandi from my Uncle. Forward to warn and share.
======================

The scammers have changed their modus operandi. They don’t ask you to download the app.
My neighbour told me yesterday that her sister (a cancer patient) wanted a part-time helper to clean her house. Hence, she went to Facebook. I called the number and made the request. The advertiser asked whether she had a Paynow, and she said that she had. He directed her to make the partial payment, and he will send the invoice to confirm. (Note: He did not ask her to download an app, as people are getting alerts). When she received the invoice in the PDF format, she did not suspect any foul play and clicked it. The invoice showed the amount paid and the balance to be paid. After that, she went to sleep. The next morning, her phone could not be switched on.
She used her laptop to check her DBS bank account. Her $20K was gone, and her two fixed deposits of $25K, which had not reached the maturity date, were also gone—the total loss was $ 70K.
When she went to the bank and asked why her fixed deposit was also gone, the receptionist told her that digital banking allows you to transfer the amount back to your account to facilitate withdrawals without going to the bank.
Police told her the malware was embedded in the PDF document.
So folks, beware that the scammers are always changing their modus operandi to con your money $$$! 😡😡😡

Recommended : WhatsApp Block Button Scam : What You Need To Know!

 

No Evidence There Is Any PayNow PDF Scam!

This is likely another example of FAKE NEWS circulating on WhatsApp and social media platforms, and here are reasons why…

Fact #1 : No Evidence Of PayNow PDF Scam

First, let me just point out that there is no evidence that anyone was ever scammed by a PayNow PDF invoice.

There has been no actual news report of such a case, never mind multiple cases involving malicious PayNow PDF documents.

Frankly, I don’t know of any PDF malware that can shut down a phone, and transfer money from a bank account, including liquidating fixed deposits!

Fact #2 : PDF Malware Generally Target Computers

PDF documents can contain malware, but malicious PDFs generally target Windows computers. In fact, many aren’t actual PDF documents, but are instead executable files masquerading as PDF files – invoice.pdf.exe, for example.

Malicious PDF documents or executables targeted at Windows computers won’t work on smartphones. The malicious PDF must not only be specifically designed to target smartphones, it must target the right operating system – iOS or Android. A malicious PDF targeting Android won’t work on an Apple iPhone, for instance.

On top of that, many PDF malware actually exploit vulnerabilities in a specific PDF reader – most commonly, the industry-standard Adobe Acrobat Reader. Most smartphones do not have Adobe Acrobat Reader installed, and instead rely on a variety of PDF readers like Samsung Note, OneDrive, Google Drive, Kindle, etc.

Embedded PDF malware that target vulnerabilities in the Adobe Acrobat Reader won’t work with other PDF readers. That’s probably why it’s rare to see PDF malware that target smartphones.

Recommended : Can StopNCII Remove All Nude / Deep Fake Photos?!

Fact #3 : PayNow Scams So Far Involve Phishing

Singapore reported 477 cases of PayNow scams in 2021, with 133 more cases in 2022. However, they were not due to PDF malware. Rather, their victims were deceived into giving scammers their digital banking credentials.

In other words, PayNow scams have so far involved phishing attacks, in which victims are tricked into logging into fake websites, or giving up their Internet banking login details by phone.

In one of these scams, victims received phone calls from people pretending to be bank employees. The callers would ask for the victims’ personal details, such as their Internet banking usernames and passwords, under the pretext that the bank needed them to verify transactions in their accounts.

Fact #4 : Singapore Police Warned About Android Malware

It seems likely that the viral warning is based on a misunderstanding of a Singapore Police Force warning about Android malware withdrawing money through PayNow.

Issued on 17 June 2023, the Singaporean police warned that scammers were tricking victims into installing an Android Package Kit (APK) file through WhatsApp and Facebook Messenger. Once installed, the malware allows the scammers to remotely access the victims’ devices, and steal their passwords.

The victims are then directed to fake websites that mimic banks like DBS to key in their banking credentials. The login information obtained through this phishing attack then allows the scammers to withdraw their victims’ money through PayNow.

To be clear – this PayNow scam does NOT involve any PDF. It requires the victim to install an APK file – to gain access of your 2FA (Two-Factor Authentication) device, and provide bank login information through a fake (phishing) website.

This allows the scammers to log into your bank account using the login info you provided, and authenticate all transfers using your mobile phone.

Recommended : Nurse Lost RM380K After Pressing Instagram ‘Like’ Button?!

Fact #5 : Here Are Some Common Cybersecurity Tips

Here are some simple cybersecurity tips to help you avoid getting scammed online:

  • Never install APK files (for Android) from unknown or untrustworthy sources.
  • Never sideload IPA files (for Apple iOS) from unknown or untrustworthy sources.
  • Always check the entire filename, including its file extension:
    – PDF documents should end with .pdf, and not .pdf.apk or .pdf.ipa or .pdf.exe.
    – Word documents should end with .doc or .docx, and not .doc.apk or .doc.ipa or .doc.exe.
  • Never click on any link to go to any bank website. Always type in the link yourself into a web browser, or better still – use the official app issued by the bank.
  • Never give your bank login details to any person, even if they claim to be a police officer, a bank officer, or even a cybersecurity expert!
  • Never give your 2FA authentication code / TAC or OTP number to any person, even if they claim to be a police officer, a bank officer, or even a cybersecurity expert!

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

WhatsApp Block Button Scam : What You Need To Know!

Will clicking on the WhatsApp block button install a malicious app that will hack your phone?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : WhatsApp Block Button Is A Scam!

People are sharing this advice on a new WhatsApp scam involving the Block button in messages. Take a look!

New Type of Scam in Whatsapp.

Don’t press the “Block” button within the message because when you press on it then, you are effectively downloading this Malicious App. Instead go to WhatsApp setting (3 dots on the right hand top) and block the message.

Do the same if you received this kind of message in your SMS. Someone already got scammed by this fake template.

Whatsapp 中的新型诈骗。
不要按消息中的“阻止”按钮,因为当您按下该按钮时,您实际上是在下载此恶意应用程序,而是转到 WhatsApp 设置(右上角的 3 个点)并阻止该消息。
如果您在短信中收到此类消息,请执行相同的操作。

New Type of Scam in Whatsapp. Don’t press the “Block” button within the message because when you press on it then, you are effectively downloading this Malicious App. Instead go to WhatsApp setting (3 dots on the right hand top) and block the message. Do the same if you received this kind of message in your SMS. Someone already got scammed by this fake template.

Recommended : Can Mexico Did It Photo Infect Your Phone With Virus?!

 

Truth : WhatsApp Block Button Is New Feature!

This is yet another example of FAKE NEWS circulating on WhatsApp and social media platforms, and here are reasons why…

Fact #1 : No Evidence Of WhatsApp Block Button Scam

First, let me just point out that there is no evidence that anyone was scammed by the WhatsApp block button in messages.

Even if an enterprising hacker / scammer was able to create a message with a fake block button that downloads an APK (Android Package Kit) file, it won’t automatically install that file. You will need to manually install the APK file from the Downloads folder.

Those who know how to do that would be tech-savvy enough to avoid installing APK files from unknown sources. Those who don’t know how to do that would not be able to install the downloaded APK file.

Fact #2 : WhatsApp Block Button Is Part Of New Safety Tools

The truth is – the Block button that you may see in new messages from strangers is not a scam. It also does not download or install any APK file.

The Block button is actually part of the new Safety Tools feature that WhatsApp started introducing in July 2023.

The Safety Tools feature will only appear when you receive a message from an unknown number. You will be given some details about the safety of this new contact – whether you are in common groups, and in some cases – the country of origin.

You are given the option of either blocking this new contact, or adding it to your Contact list. You can also click on the Safety tools link for more details.

Recommended : Can Israel Seismic Wave Card Hack Your Phone?!

Fact #3 : Older Blocking Method Still Exists

The new WhatsApp Safety Tools offer an easy way to quickly block and remove obvious spammers and scammers. However, it may not be readily apparent whether the new contact is genuine, or just a spammer / scammer.

If you start messaging with this new contact – to find out if their identity / purpose, the Safety Tools option will disappear. But don’t worry – you can still block this new contact if you realise that he/she is a spammer / scammer.

  1. Go to the messaging screen for the person you want to block.
  2. Tap on the kebab menu / vertical ellipsis (⋮) icon on the upper right corner.
  3. Select More > Block.
    You can also select More > Report (to report block the scammer)

Alternatively, you can block multiple contacts using this method:

  1. Open WhatsApp, and go to the Chats screen.
  2. Tap on the kebab menu / vertical ellipsis (⋮) icon on the upper right corner.
  3. Select Settings.
  4. Tap on the Privacy option.
  5. Scroll down and tap on Blocked contacts.
  6. Tap on the Add Contacts () icon at the upper right corner.
  7. Search for the contacts you want to remove, and select them.

Now, blocking people does not remove your contact details or profile photo from their phones and devices.

However, they will no longer be able to call you, or send you messages. They will also not be able to see changes to your status updates including when you’re online / last seen, or changes you make to your profile photo.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can Israel Seismic Wave Card Hack Your Phone?!

Can the Seismic Wave Card containing photos of the recent Hamas attacks on Israel hack your phone?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Israel Seismic Wave Card Can Hack Your Phone!

This warning about the Seismic Wave Card containing photos of the recent Hamas attacks on Israel has gone viral on WhatsApp:

URGENT

Some people are going to upload pictures of the fighting in Jewish settlements on WhatsApp. The file is called Seismic Waves CARD.

Do not open it, it will hack your phone in 10 seconds and cannot be stopped in any way.

They talked about it on TV. A cyber attack on us from all kinds of directions is also starting.

Pass the information on to family and friends.

Recommended : Did Fukushima Just Release Black Radioactive Water?!

 

Truth : There Is No Israel Earthquake Seismic Wave Card!

This is yet another example of FAKE NEWS circulating on WhatsApp, and here are reasons why…

Fact #1 : There Is No Seismic Wave Card!

First, let me just point out that there is no such thing as a Seismic Wave Card.

The Seismic Wave Card is an Internet hoax that keeps getting recycled for every disaster that comes along, like these examples show:

They are going to upload some photos of the Moroccan earthquake on WhatsApp. The file is called Seismic Waves CARD, don’t open it and see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Share the information with your family and friends.
DO NOT OPEN IT. They also said it on TV

They are going to upload some photos of the Cariaco earthquake on Whatsapp. The file is called Waves Seismic CARD, do not open or see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends. DO NOT OPEN IT. They also said it on TV.

Recommended : Can Morocco Earthquake Seismic Wave Card Hack Your Phone?!

Fact #2 : Photos Are Shared Directly On WhatsApp

There is no need to open any file, or install any app, to view photos on WhatsApp. You simply click to view photos shared by other people on WhatsApp.

Of course, people may sometimes share high-resolution photos in ZIP or RAR files, because WhatsApp greatly reduces the resolution of photos shared on its platform.

Those ZIP or RAR files may be opened using apps like WinZip (Android | iOS) or RAR (Android) or Unarchiver (iOS). However, you should be wary if you are asked to download and install any app.

Unless you know what you are doing, it’s best to only view photos and videos directly inside WhatsApp, and not download any compressed files at all.

Fact #3 : Seismic Waves Card Is Not A Browser Hijacker

Seismic Waves Card appears to be falsely labelled as a browser hijacker by at least one “cybersecurity” website:

The scam message known as Seismic Waves Card is notorious for its disruptive behavior while surfing the web. Generally, scams like this, and other like Mintnav and Lookaside fbsbx, are crafted to meddle with your browser’s settings, replacing homepages and default search engines to promote affiliated sites and generate advertising revenue.

There is no evidence that a malware or browser hijacker called Seismic Waves Card exists. The article itself does not offer any evidence to prove its existence. In fact, the article and its guide on how to “remove” the malware appears to be generic, and may possibly be AI-generated.

Recommended : Can Greeting Photos + Videos Hack Your Phone?!

Fact #4 : Image-Based Malware Is Possible, But…

Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.

It is also possible to embed malicious code within a photo, but it won’t be a full-fledged malware that can execute by itself.

At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest… but it cannot hack your smartphone by itself.

Recommended : Can Restaurant Menu QR Code Hack Your Phone?!

Fact #5 : Image-Based Malware Requires User Action

In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.

However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website. Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.

This is an incredibly clever way to bypass malware checks, but even so, this image-based malware requires user action.

You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.

Fact #6 : Malicious Code Executes Immediately

If you accidentally download and trigger malware, it will execute immediately. It won’t take 10 seconds, as the hoax message claims.

There is really no reason for malware to wait before it infects your devices. Waiting will only increase the risk of detection.

Whether the malware serves to take over your device, steal your information or encrypt it for ransom, it pays to do it at the first opportunity.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Fact Check : New WhatsApp Cyber Crime Rules?!

Did WhatsApp just implement new cyber crime rules to help the government monitor and record your calls and messages?! Find out what the facts really are!

Updated @ 2023-10-08 : Updated after message went viral again.
Originally posted @ 2023-07-03

 

Claim : WhatsApp Has New Cyber Crime Rules!

People are sharing this warning about WhatsApp implementing new cyber crime rules, to help the government monitor and record all calls and messages!

Tʜᴇ ɴᴇᴡ ᴄᴏᴍᴍᴜɴɪᴄᴀᴛɪᴏɴ ʀᴜʟᴇs ғᴏʀ WʜᴀᴛsAᴘᴘ ᴀɴᴅ WʜᴀᴛsAᴘᴘ Cᴀʟʟs (Vᴏɪᴄᴇ ᴀɴᴅ Vɪᴅᴇᴏ Cᴀʟʟs) ᴡɪʟʟ ʙᴇ ɪᴍᴘʟᴇᴍᴇɴᴛᴇᴅ ғʀᴏᴍ ᴛᴏᴍᴏʀʀᴏᴡ: –

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Truth : WhatsApp Does Not Have New Cyber Crime Rules!

And here is why this is nothing more than yet another Internet hoax :

Fact #1 : Only China Can Do This

The only country that has accomplished most of what was shared above is China, but it took them decades to erect the Great Firewall of China.

It’s not just the massive infrastructure that needs to be created, it also requires legislation to be enacted, and considerable manpower and resources to maintain such a system.

That’s why China is leaning heavily on AI and cloud computing capabilities to automatically and quickly censor information it deems “sensitive”.

However, no other country has come close to spending the money and resources on a similar scale, although Russia, Cuba, Vietnam, Zimbabwe and Belarus have imported some surveillance technology from China.

Fact #2 : WhatsApp, Instagram + Facebook Messenger Have End-to-End Encryption

All three Facebook-owned apps now run on the same common platform, which provides end-to-end encryption.

End-to-end encryption protects messages as they travel through the Internet, and specifically prevents anyone (bad guys or your friendly government censor) from snooping into your conversations.

That is also why all three apps are banned in China…

Recommended : Can SIM swap attack empty bank account without warning?!

Fact #3 : Governments Generally Have No Control Over Those Apps

Outside of authoritarian countries like China and Russia, governments generally have little to no control over social media and instant messaging apps. Even then, their control is generally limited to banning access if they don’t get their way.

The ability to keep conversations and messages safe and private is key to the success of instant messaging apps, in particular. So WhatsApp, Telegram and Signal would never allow governments access to user messages or voice calls, never mind record and monitor them for governments!

In fact, by implementing end-to-end encryption, these companies themselves do not have access to your messages and calls.

Fact #4 : WhatsApp Does Not Have Three Check Marks!

WhatsApp messages only have two ticks / check marks to notify users about the status of their messages:

: The message was successfully sent.
: The message was successfully delivered to the recipient’s phone or any of their linked devices.
: The recipient has read your message.

There is no third check mark, as claimed by the viral message.

Fact #5 : Governments Won’t Tip You About Investigations

It is illogical for WhatsApp to inform you when the government is checking your information, or when it has started proceedings against you.

In fact, it doesn’t make sense for any government to inform you by instant messaging check marks! If the government is charging you with a crime, it will send police officers, not check marks on WhatsApp!

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > InternetFact Check | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Marshall Minor III Wireless Earphones Scam Alert!

Please watch out for the Marshall Minor III wireless earphones scam! Take a look at the scam, and find out what the facts really are!

 

Marshall Minor III Wireless Earphones Scam Alert!

Scammers are running Facebook ads that promote an awesome discount for the Marshall Minor III wireless earphones! Here is one recent example:

😣”Frustrating” 😣I had to queue for 5 hours at IOI City Mall to buy MARSHALL MINOR III wireless headphones for only RM179 (original price RM596), I was surprised because I thought they only sold directly I heard it’s open for sale online in 2 more days https://www.marshall-ash.asia/ms And also get the same discount as buying at the store. Free shipping nationwide.

But the 4 hours of queuing was worth it. As a Marshall fan, I was very excited when I heard the news that the Minor III series was coming out. And don’t waste your time waiting, the design is very beautiful, more stylish than the old version 💯 Great sound quality. Clear bus, fast Bluetooth connection, suitable for all types of devices, super battery life, 5 hours of continuous use and 25 hours with charging box, waterproof. The best thing about these headphones is the close-to-ear design. Comfortable, can play sports without worrying about falling. If you don’t buy it, you will be very disappointed.

I let my colleagues borrow it to play games because it sounded so realistic. There is no delay in movement.
Many people ask me if the store still has promotions? I just saw information that the store has a discount in the next 2 days. Order quickly. At the end of the promotion, the price will return to the original price of RM596. I leave the purchase link here for those who want to buy: https://www.marshall-ash.asia/ms

Recommended : Bantuan Rakyat Malaysia Scam Alert!

 

Marshall Minor III Offer : Why Is It A Scam?!

This is yet another example of SCAMS circulating on Facebook, and here are there reasons why…

Fact #1 : Marshall Minor III Price Absurdly Low

The first thing about scams involving electronics, is that they often promise ridiculous great deals. If it’s too good to be true, it often is just a scam.

In this particular scam, scammers are offering the Marshall Minor III wireless earphones for just RM179 (US$39). That’s absurd, as the Marshall Minor II wireless earphones has an official retail price of $159 (approximately RM699)!

Marshall is a high-end audiophile brand, and its electronics are never cheap. Even if they offer a discount, it wouldn’t be anything like 70% to 75%. That’s just ridiculous.

For your safety, here are legit purchase options online for the Marshall Minor III earbuds :

Fact #2 : Facebook Advertisement Is Fake

The Facebook advertisement appears to be created by a handsome influencer called 𝐀𝐥𝐯𝐢𝐧𝐧 𝐂𝐡𝐨𝐧𝐠 瑾.鍾.瑾. with 5.5 million followers.

But that’s what the scammers put in the intro. If you look carefully, this scam page only has 13 followers!

Recommended : Warning – PDRM Parking Fine Scam Alert!

Fact #3 : That Is “Push” Puttichai Kasetsin

The page is not owned by any influencer or digital creator called 𝐀𝐥𝐯𝐢𝐧𝐧 𝐂𝐡𝐨𝐧𝐠 瑾.鍾.瑾.

Those are actually photos of Puttichai Kasetsin – a Thai actor, model, DJ and TV host who is also known as “Push”.

Recommended : Media Prima / Nielsen Fake Job Scam Alert!

Fact #4 : IOI City Mall Does Not Have A Marshall Outlet

The claim by these scammers that Alvinn Chong queued up for 5 hours at the IOI City Mall to buy the Marshall Minor III wireless earphones is easily debunked.

If you check the IOI City Mall tenant listing, you will quickly discover that it does not have a Marshall outlet.

Fact #5 : Queue Photos Are From Vietnam

The two photos which claim to show long queues for the Marshall Minor III wireless earphones were not taken in Malaysia. They were actually taken in Vietnam.

This photo does not show people in IOI City Mall queueing up outside a Marshall outlet. It actually shows people queuing up for the opening of the 15th Pandora store at the Long Bien Aeon Mall, on 28 April 2022.

Incidentally, Pandora is a Danish jewellery brand, and does not sell Marshall audio products…

Recommended : PDRM Warning : Watch Out For MyBayar Scam!

The second queue photo is also from Vietnam, but taken many years ago on 11 November 2017. It does not show people queuing up to buy any Marshall products either.

They were actually queuing up at Royal City Shopping Center in Hanoi, for the opening ceremony of the second H&M store in Vietnam.

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

Fact #6 : Scam Website Not Affiliated With ASH Asia

ASH Asia is an authorised distributor of Marshall products in Malaysia, Thailand and Vietnam.

However, the scam page (https://www.marshall-ash.asia/ms) has nothing to do with ASH Asia, whose official Marshall Minor III page is https://ash-asia.com/ms.

On top of that, ASH Asia does not sell the Marshall Minor III directly (like the scam page). Instead, ASH Asia sells the wireless earphones through Shopee and Lazada.

Recommended : How A University Student Lost RM22K In Online Job Scam!

In fact, if you check the main domain itself, you will get an error message, stating:

Your domain name has been successfully pointed! Please publish a Landing Page with the above domain name to use the service. Thank you!

This not only gives it away as a scam website, it also suggests that the scammers are operating out of Vietnam.

Fact #7 : Scam Website Admits Selling Fake Marshall Minor III

Ironically, the scam website itself has a disclaimer, warning potential buyers that it is not selling genuine Marshall Minor III wireless earphones, but a replica instead…

Most people won’t notice it because if you click to order, the website is designed to skip past this warning.

Recommended : Scam Alert : How Fake Job Syndicates Operate!

Fact #8 : Package Apparently Contained “Trash”?

To assure you that this is safe, the scammers say that you only need to pay on delivery. Sounds good, doesn’t it? That guarantees that you will at least receive the item, doesn’t it?

Not quite, as one person who claimed to have purchased from this scam website explained…

I was attracted and clicked in, filling in my address and phone number. Three days later, I got a call saying that my package would arrive through DHL-COD, and asked me to make sure I was home.

I started looking forward to it, but when I thought about it, I became more suspicious. Since when does DHL provide Cash On Delivery service? I can’t believe they would dare to pay for first-class service without any payment from me. I figured it might be a scam!

What’s the scam? You may not have any doubts when you receive the package. When I open it immediately and take a look, then I realized it was full of garbage. [Unfortunately] I had already paid the delivery person, who ran away.

我被吸引点了进去,填了地址电话。跟着三天后有电话来说我的包裹会到,DHL-COD的,确定我在家等。我开始很期待。跟着想,越想越不对。DHL有COD的服务咩?我还没过账他们就这么敢与服务一流到我不敢相信。我猜可能是诈骗!骗什么?当你收到包裹时是不会怀疑,立刻打开来看的。然后才发现里面是垃圾。人跑了钱给了。。。

If true, the scam involves giving you an empty package filled with trash to receive your cash payment. After which, you have no recourse.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | MobileTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can Morocco Earthquake Seismic Wave Card Hack Your Phone?!

Can the Seismic Wave Card containing photos of the recent earthquake at Morocco hack your phone?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Morocco Earthquake Seismic Wave Card Can Hack Your Phone!

This warning about the Seismic Wave Card containing photos of the recent earthquake at Morocco has gone viral on WhatsApp:

They are going to upload some photos of the Moroccan earthquake on WhatsApp. The file is called Seismic Waves CARD, don’t open it and see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Share the information with your family and friends.
DO NOT OPEN IT. They also said it on TV

他们将在WhatsApp上上传一些摩洛哥地震的照片。该文件称为地震波CARD,不要打开或看到它,它会在10秒内破解您的手机,并且无法以任何方式停止。与您的家人和朋友分享信息。
不要打开它。他们还在电视上说过

Recommended : Did Fukushima Just Release Black Radioactive Water?!

 

Truth : There Is No Morocco Earthquake Seismic Wave Card!

This is yet another example of FAKE NEWS circulating on WhatsApp, and here are reasons why…

Fact #1 : There Is No Seismic Wave Card!

First, let me just point out that there is no such thing as a Seismic Wave Card.

The Seismic Wave Card is an Internet hoax that keeps getting recycled for every earthquake that comes along, like these examples show:

They are going to upload some photos of the Cariaco earthquake on Whatsapp. The file is called Waves Seismic CARD, do not open or see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends. DO NOT OPEN IT. They also said it on TV.

They are going to upload some photos of the Calvario earthquake on WhatsApp. The file is called CARD Seismic Waves. Do not open them or see them, they hack your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends. Don’t open it. They also said it on TV.

Fact #2 : Photos Are Shared Directly On WhatsApp

There is no need to open any file, or install any app, to view photos on WhatsApp. You simply click to view photos shared by other people on WhatsApp.

Of course, people may sometimes share high-resolution photos in ZIP or RAR files, because WhatsApp greatly reduces the resolution of photos shared on its platform.

Those ZIP or RAR files may be opened using apps like WinZip (Android | iOS) or RAR (Android) or Unarchiver (iOS). However, you should be wary if you are asked to download and install any app.

Unless you know what you are doing, it’s best to only view photos and videos directly inside WhatsApp, and not download any compressed files at all.

Recommended : Can Greeting Photos + Videos Hack Your Phone?!

Fact #3 : Seismic Waves Card Is Not A Browser Hijacker

Seismic Waves Card appears to be falsely labelled as a browser hijacker by at least one “cybersecurity” website:

The scam message known as Seismic Waves Card is notorious for its disruptive behavior while surfing the web. Generally, scams like this, and other like Mintnav and Lookaside fbsbx, are crafted to meddle with your browser’s settings, replacing homepages and default search engines to promote affiliated sites and generate advertising revenue.

This transgression doesn’t end here; they siphon sensitive data and create vulnerabilities in your system’s security framework, providing a gateway for more perilous threats, such as malware and phishing schemes, to invade.

The protracted presence of Seismic Waves Card in your system exponentially escalates the risk of serious compromises, emphasizing the dire necessity for its immediate removal. Recognizing the malicious potential of such unwanted apps is essential in maintaining a secure and safe digital environment. Stay vigilant and prioritize your cybersecurity.

There is no evidence that a malware or browser hijacker called Seismic Waves Card exists. The article itself does not offer any evidence to prove its existence. In fact, the article and its guide on how to “remove” the malware appears to be generic, and may possibly be AI-generated.

Fact #4 : Image-Based Malware Is Possible, But…

Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.

It is also possible to embed malicious code within a photo, but it won’t be a full-fledged malware that can execute by itself.

At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest… but it cannot hack your smartphone by itself.

Recommended : Can Restaurant Menu QR Code Hack Your Phone?!

Fact #5 : Image-Based Malware Requires User Action

In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.

However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website. Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.

This is an incredibly clever way to bypass malware checks, but even so, this image-based malware requires user action.

You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.

Fact #6 : Malicious Code Executes Immediately

If you accidentally download and trigger malware, it will execute immediately. It won’t take 10 seconds, as the hoax message claims.

There is really no reason for malware to wait before it infects your devices. Waiting will only increase the risk of detection.

Whether the malware serves to take over your device, steal your information or encrypt it for ransom, it pays to do it at the first opportunity.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Bantuan Rakyat Malaysia Scam Alert!

Watch out for the Bantuan Rakyat Malaysia scam on WhatsApp, Telegram, Facebook and Twitter!

Find out how this scam works, and WARN your family and friends!

 

Bantuan Rakyat Malaysia 2023 Scam Alert!

These scam messages about Bantuan Tunai Rakyat (BTR) 2023, or Bantuan Percuma Kerajaan Malaysia 2023, is going viral on WhatsApp, Telegram, and social media platforms like Facebook and Twitter.

CARA SEMAKAN TARIKH BAGI PENERIMA BANTUAN RM600 DIKREDITKAN SETIAP BULAN

Untuk mereka yang layak, anda boleh lakukan semakan dengan mengikuti cara yang diterangkan.

Baca Cara Semakan Bantuan 👇
https://bntuanrakyatmalaysia.lynk.eu.org/

SHARE INFO ini kepada rakan-rakan dan saudara mara untuk manfaat semua

HOW TO CHECK THE DATE FOR RECIPIENTS OF ASSISTANCE RM600 CREDIT EVERY MONTH

For those who are eligible, you can check by following the described method.

Read How to Check Help 👇
https://bntuanrakyatmalaysia.lynk.eu.org/

SHARE this INFO to friends and relatives for the benefit of all

As one lady shared in the video below, she got tricked by the scammers, who took over her Telegram account to send the same scam message to all of her contacts!

While she claimed that she did not click any link, I will show you how she got scammed…

Recommended : Beware Of Telegram Screenshot Hack + Scam!

 

Bantuan Rakyat Malaysia Scam : How Does It Work?

Warning : To show you how the scammers work, I will share the links they use. I will highlight those dangerous links in red. Do NOT go to those links.

Super Long Link

To trick people into clicking on the scam links, the scammers intentionally use a misleading and very long URL, so you are less likely to notice the domain.

This is the scam link : https://bntuanrakyatmalaysia.lynk.eu.org/

Note how the scammer used a long list of descriptive keywords – “bantuan“, “rakyat“, “malaysia“, “lynk“, which helps to mislead people, and make it more difficult for them to notice that the domain is “eu.org“.

Obviously, eu.org is not a Malaysian government domain (which ends with .gov.my), and it has nothing to do with Malaysia or financial aid. This domain also has nothing to do with the European Union.

EU.org provides free subdomains, and so scammers use it to not only run their scams, but to give their scams a more “legitimate-looking domain”.

Pro Tip : Always check the domain of a link before you click on it. Avoid super-long links like this because they are often used to mask the domain name.

Recommended : Will Scanning RFID Bar Codes Hack Your Phone?!

Fake Telegram Invitation

After clicking to go to https://bntuanrakyatmalaysia.lynk.eu.org/, you will be taken to what looks like an invitation to join a Telegram group. But in reality, it is a fake Telegram invitation.

A real Telegram invitation will have a link like this – https://t.me/XXXXXXXX. But this scam page has the link – https://bntuanrakyatmalaysia.lynk.eu.org/my.php.

Also, a real Telegram invitation can detect if you are using Windows / Mac or Android / iOS, and suggest that  the right download for your device.

The invitation also has a glaring typo – the link says Massage Now, rather than Message Now. Hilarious!

In any case, a real Telegram invitation will not ask you to Message Now. Rather, it will allow you to either View In Telegram, or Preview channel in the web browser itself.

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

Fake Telegram Login Page

If you click on Join Group, you will be taken to this Telegram login page. Even though it offers you a list of countries to select from, the only option is Malaysia.

WARNING – THIS IS A SCAM PAGE. This is what is known in cybersecurity as a “phishing attack”.

First of all, Telegram invitations will never ask you to log into your Telegram account. It will simply launch the Telegram app and load the group for you.

Secondly, if you look at the link, it leads to the same scam domain, specifically https://bntuanrakyatmalaysia.lynk.eu.org/my.php.

Do NOT log into your Telegram account in this page.

Recommended : Scam Alert : How Fake Job Syndicates Operate!

If you log into your Telegram account using this phishing page, then the scammers will gain access to your Telegram account, and take it over for their own use.

They can then use your Telegram account to send the same scam message, or worse, cheat your family and friends of their money!

Recommended : Can Restaurant Menu QR Code Hack Your Phone?!

The lady in the viral video likely logged into this phishing page, thus giving the scammers control of her Telegram account. That was likely how they were able to message everyone on her contact list.

She also likely did not enable Two-Step Verification in Telegram, which would let her recover her account even after scammers have gained access.

That is why people who were hit by this scam had to call and inform their relatives and friends, or publicly post about it to warn all of their contacts.

Unfortunately, it is not always possible to warn all of their contacts, and inevitably, someone will get cheated of their hard-earned money. That’s why these scams are so popular – they really work, and scammers are making a ton of money!

Help us fight against these scammers. SHARE this article out, and WARN your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | Software | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Warning – PDRM Parking Fine Scam Alert!

Scammers are targeting motorists with the PDRM parking fine scam! Make sure you warn your family and friends!

Here is what you need to know about the PDRM parking fine scam!

 

PDRM Parking Fine Scam Email

People are getting emails warning them that they just committed a parking violation, while offering them a cheap fine if they pay quickly.

Fines Inquiry and Payment

Dear recipient,

We are writing to draw your attention to a recent traffic violation in Malaysian jurisdiction.

Our traffic enforcement staff have observed your vehicle parked in a no-parking zone. This contravenes section (no. 2016-691] of the Road Traffic Act.

The fine is set at MYR 50. Payment of the fine is required within 7 days of the date of notification, to avoid further legal consequences.

If the fine is not paid within the time limit, you may be subject to legal action, resulting in an increase in the original fine.

Payment deadline: [08/26/2023]

Methods of payment accepted:

Cordially,

Malaysian Police Department

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

 

PDRM Parking Fine Email Is A Scam!

These PDRM parking fine emails are scam emails. This was confirmed by PDRM itself.

On 7 August 2023, the Cyber Crime division of the Royal Malaysia Police (PDRM) posted an alert warning motorists not to fall for the MyBayar scam.

These emails are designed to scare its victims into action. Hence, it offers a very cheap way to quickly “settle the problem”. However, if you take a breath, and analyse the email CAREFULLY, you will see many problems with it.

  • Letter is from PDRM : The Royal Malaysia Police (PDRM) will never write to you by email.
  • Letter is in English : The Royal Malaysia Police (PDRM) will never write to you in English.
  • Typo in the name : The fake email used My Bayar PDRM, instead of MyBayar PDRM.
  • Lack of name and personal details : The fake email refers generically to “Dear recipient“, without listing your full name and MyKad number.
  • Lack of vehicle details : The fake email doesn’t mention the vehicle make and plate number.
  • Lack of location details : The fake email does not mention where the offence occurred, or even when it occurred.
  • Fine is much too low : PDRM traffic fines are never as low as RM50. The cheapest fine is RM150 for Category 4 offences, but you can pay as low as RM70 within 15 days.
  • No such law : The fake email refers to the Road Traffic Act. There is no such act in Malaysia. The proper name is the Road Transport Act 1987 (Act 333).
  • No such section : If you look at the Malaysia Road Transport Act 1987 (PDF download), you will see that there is no such thing as Section 2016-691.

The email appears to be from My Bayar PDRM (typo in the name), but if you inspect the email address, you will see that it was sent by “in-to-no-reply@silverbackgames.xxx” or “hello@sooqr.com” or some other email address.

Obviously, this email did not originate from an official PDRM email address! This should immediately tell you that this is a fake or scam email!

Recommended : How A University Student Lost RM22K In Online Job Scam!

If you click on the Pay My Fine link in the scam email, you will be taken to a fake My Bayar PDRM website (with the same typo in the name).

You may notice that you now have 7 days to pay the RM 50 fine, instead of just 5 days in the email. Odd, isn’t it?

Also odd is the fact that the page does not mention your name, your MyKad number, your vehicle type and model, or even its plate number! The page also doesn’t mention where the offence took place, or the time you were caught committing said offence.

Do NOT proceed after this point… This is a scam website!

But if you have itchy fingers, and click on the Pay The Fine button, you will be asked to pay for the RM50 fine using your debit or credit card.

Needless to say, PLEASE DO NOT SUBMIT YOUR DEBIT / CREDIT CARD DETAILS!!!

If you provide these scammers with your debit / credit card details and TAC / OTP numbers, they will be able to charge ANY AMOUNT they want to your credit card, or withdraw ANY AMOUNT they want from your bank account!

Recommended : Wedding Invitation Scam : Don’t Install APK File!

It’s even worse if you are asked to log into your bank account to pay the fine. DO NOT DO THAT!

If you provide them with your bank login and password, as well as OTP/TAC number, these scammers will be able to transfer money out of your bank account!

Please note – this is a scam! This is a phishing attack to gain access to your credit card and/or bank account.

Regardless of how you get any notification from PDRM about any traffic offence you may have committed, you should always check the status through these official MyBayar PDRM options:

Please SHARE this warning with your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Automotive | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

PDRM Warning : Watch Out For MyBayar Scam!

PDRM is warning motorists not to fall for the MyBayar scam! Here is what you need to know about the MyBayar PDRM scam!

 

PDRM Warning : Watch Out For MyBayar Scam

On 7 August 2023, the Cyber Crime division of the Royal Malaysia Police (PDRM) posted an alert warning motorists not to fall for the MyBayar scam.

The MyBayar PDRM scam starts with an official-looking email that warns motorists that they have been caught contravening the law, and offers a cheap RM50 fine if paid within 5 days:

Last notice of contravention before prosecution

Dear recipient,

We are writing to draw your attention to a recent traffic violation in Malaysian jurisdiction.

Our traffic enforcement staff have observed your vehicle parked in a no-parking zone. This contravenes section (no. 2016-691] of the Road Traffic Act.

As a result of this infringement, a fine of MYR 50 has been imposed. This fine must be paid within 5 days of the date of this notification to avoid further legal consequences.

Failure to pay the fine within the allotted time may result in legal proceedings being taken against you, which could lead to increased fines, penalties and the possible suspension of your driving license.

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

 

MyBayar PDRM Scam : How Does It Work?!

Many people who received the MyBayar PDRM email might be shocked to find out that they were caught committing a traffic violation, and then relieved that it was only RM50 if they paid quickly.

That’s how the scammers trap their victims – by offering a cheap RM50 fine, when we all know that fines for traffic offences are at least RM150, and can go all the way up to RM1,000!

Those who received this fake MyBayar PDRM email would be tempted to quickly pay the cheap RM50 fine, before it becomes a lot more expensive!

But if you take a closer look at the email, you will spot some problems with it:

  • Weird English : The email title of “Last notice of contravention before prosecution” is nonsensical.
  • Typo in the name : The fake email used My Bayar PDRM, instead of MyBayar PDRM.
  • Lack of name and personal details : The fake email refers generically to “Dear recipient“, without listing your full name and MyKad number.
  • Lack of vehicle details : The fake email doesn’t mention the vehicle make and plate number.
  • Lack of location details : The fake email does not mention where the offence occurred, or even when it occurred.
  • Fine is much too low : PDRM traffic fines are never as low as RM50. The cheapest fine is RM150 for Category 4 offences, but you can pay as low as RM70 within 15 days.
  • No such law : The fake email refers to the Road Traffic Act. There is no such act in Malaysia. The proper name is the Road Transport Act 1987 (Act 333).
  • No such section : If you look at the Malaysia Road Transport Act 1987 (PDF download), you will see that there is no such thing as Section 2016-691.

The email appears to be from My Bayar PDRM (typo in the name), but if you inspect the email address, you will see that it was sent by “in-to-no-reply@silverbackgames.xxx” or “hello@sooqr.com” or some other email address.

Obviously, this email did not originate from an official PDRM email address! This should immediately tell you that this is a fake or scam email!

Recommended : How A University Student Lost RM22K In Online Job Scam!

If you click on the Pay My Fine link in the scam email, you will be taken to a fake My Bayar PDRM website (with the same typo in the name).

You may notice that you now have 7 days to pay the RM 50 fine, instead of just 5 days in the email. Odd, isn’t it?

Also odd is the fact that the page does not mention your name, your MyKad number, your vehicle type and model, or even its plate number! The page also doesn’t mention where the offence took place, or the time you were caught committing said offence.

Do NOT proceed after this point… This is a scam website!

But if you have itchy fingers, and click on the Pay The Fine button, you will be asked to pay for the RM50 fine using your debit or credit card.

Needless to say, PLEASE DO NOT SUBMIT YOUR DEBIT / CREDIT CARD DETAILS!!!

If you provide these scammers with your debit / credit card details and TAC / OTP numbers, they will be able to charge ANY AMOUNT they want to your credit card, or withdraw ANY AMOUNT they want from your bank account!

Recommended : Wedding Invitation Scam : Don’t Install APK File!

It’s even worse if you are asked to log into your bank account to pay the fine. DO NOT DO THAT!

If you provide them with your bank login and password, as well as OTP/TAC number, these scammers will be able to transfer money out of your bank account!

Please note – this is a scam! This is a phishing attack to gain access to your credit card and/or bank account.

Regardless of how you get any notification from PDRM about any traffic offence you may have committed, you should always check the status through these official MyBayar PDRM options:

Please SHARE this warning with your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Automotive | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

Watch out for the Bantuan Tunai Rakyat Malaysia 2023 scam on WhatsApp, Telegram, Facebook and Twitter!

Find out how this scam works, and WARN your family and friends!

 

Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

These scam messages about Bantuan Tunai Rakyat (BTR) 2023, or Bantuan Percuma Kerajaan Malaysia 2023, is going viral on WhatsApp, Telegram, and social media platforms like Facebook and Twitter.

Bantuan percuma kerajaan 2023 khas untuk yang mana bergelar usahawan,pendidik,suri rumah,kerani dan yang kerja sendiri di waktu sekarang, boleh dapatkan geran RM2500 😱 🧕👩‍🍳👩‍💻👷‍♂️👨‍🎓👨‍🌾
✅ Bantuan ni percuma
✅ Tak perlu bayar semula
✅ Maksimum sehingga RM2,500 / RM5,000
JOM CLAIM:

Free government assistance 2023 especially for those who are entrepreneurs, educators, housewives, clerks and self-employed at the moment, can get a grant of RM2500 😱 🧕👩‍🍳👩‍💻👷‍♂️👨‍🎓👨‍🌾
✅ This help is free
✅ No need to pay again
✅ Maximum up to RM2,500 / RM5,000
CLAIM HERE:

As one lady shared in the video below, she got tricked by the scammers, who took over her Telegram account to send the same scam message to all of her contacts!

While she claimed that she did not click any link, I will show you how she got scammed…

Recommended : Beware Of Telegram Screenshot Hack + Scam!

 

Bantuan Tunai Rakyat Malaysia Scam : How Does It Work?

Warning : To show you how the scammers work, I will share the links they use. I will highlight those dangerous links in red. Do NOT go to those links.

Super Long Link

To trick people into clicking on the scam links, the scammers intentionally use a misleading and very long URL, so you are less likely to notice the domain.

This is the scam link : http://bantuan-kerajaan-my-fase-3-trd.financialanchorllc.com

Note how the scammer used a long list of descriptive keywords – “bantuan“, “kerajaan“, “my“, “fase 3“, which helps to mislead people, and make it more difficult for them to notice that the domain is “financialanchorllc.com“.

Obviously, financialanchorllc.com is not a Malaysian government domain (which ends with .gov.my), and it has nothing to do with Malaysia or financial aid.

A quick WHOIS check reveals that the ownership of this domain is hidden by a paid service – which is not what a genuine government agency would do.

Pro Tip : Always check the domain of a link before you click on it. Avoid super-long links like this because they are often used to mask the domain name.

Recommended : Will Scanning RFID Bar Codes Hack Your Phone?!

Fake Telegram Invitation

After clicking to go to https://bantuan-kerajaan-my-fase-3-trd.financialanchorllc.com, you will be taken to what looks like an invitation to join a Telegram group. But in reality, it is a fake Telegram invitation.

A real Telegram invitation will have a link like this – https://t.me/XXXXXXXX. But this scam page has the link – https://bantuan-kerajaan-my-fase-3-trd.financialanchorllc.com.

Also, a real Telegram invitation can detect if you are using Windows / Mac or Android / iOS, and suggest that  the right download for your device.

A real Telegram invitation will not ask you to Join Group. Rather, it will allow you to either View In Telegram, or Preview channel in the web browser itself.

Recommended : Bursa Malaysia Stock Investment Scam Alert!

Fake Telegram Login Page

If you click on Join Group, you will be taken to this Telegram login page.

WARNING – THIS IS A SCAM PAGE. This is what is known in cybersecurity as a “phishing attack”.

First of all, Telegram invitations will never ask you to log into your Telegram account. It will simply launch the Telegram app and load the group for you.

Secondly, if you look at the link, it leads to the same scam domain, specifically https://bantuan-kerajaan-my-fase3-gcc.financialanchorllc.com/main/index.php.

Do NOT log into your Telegram account in this page.

Recommended : Scam Alert : How Fake Job Syndicates Operate!

If you log into your Telegram account using this phishing page, then the scammers will gain access to your Telegram account, and take it over for their own use.

They can then use your Telegram account to send the same scam message, or worse, cheat your family and friends of their money!

Recommended : Can Restaurant Menu QR Code Hack Your Phone?!

The lady in the viral video likely logged into this phishing page, thus giving the scammers control of her Telegram account. That was likely how they were able to message everyone on her contact list.

She also likely did not enable Two-Step Verification in Telegram, which would let her recover her account even after scammers have gained access.

That is why people who were hit by this scam had to call and inform their relatives and friends, or publicly post about it to warn all of their contacts.

Unfortunately, it is not always possible to warn all of their contacts, and inevitably, someone will get cheated of their hard-earned money. That’s why these scams are so popular – they really work, and scammers are making a ton of money!

Help us fight against these scammers. SHARE this article out, and WARN your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | Software | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

How WithSecure Offensive Security Drives Business Resilience!

Find out how WithSecure harnesses the power of offensive security to drive business resilience and enhance protection for its clients!

 

WithSecure Drives Business Resilience Through Offensive Security!

WithSecure (formerly known as ‘F-Secure Business’) is harnessing the power of offensive security in its co-security and co-monitoring products and services. This revolutionary approach is designed to anticipate and mitigate cyber threats by understanding them from an attacker’s perspective.

During the SPHERE security conference 2023, WithSecure’s Chief Product Officer, Antti Koskela, shed light on their game-changing offering called ‘attack surface management.’ This managed service offers a comprehensive view of vulnerabilities in a company’s cloud-based estate.

As a result, WithSecure’s focus on the digital perimeter empowers businesses to reduce their overall attack surface, enhancing their cybersecurity posture in the ever-evolving threat landscape.

Recommended : WithSecure Takes Offensive Security Approach To Cloud Threats!

 

How WithSecure Offensive Security Drives Business Resilience!

WithSecure also introduced three groundbreaking services that amplify their commitment to ‘outcome-based security’ and ‘co-security’. This groundbreaking development was revealed by WithSecure Executive Vice President (Solutions) Scott Reininga, also at the SPHERE security conference 2023.

Reininga underscored WithSecure’s unparalleled expertise in offensive security, revealing that they are the home of one of the world’s most proficient offensive security teams. This team, a fusion of penetration testers (pentesters), red, blue and purple teamers, has profound knowledge of adversary tactics, tradecraft, and techniques.

Penetration testing is a cybersecurity practice that aims to discover vulnerabilities in a system by simulating controlled attacks. Their goal is not to cause damage but to pinpoint weaknesses for rectification. This proactive method, which can involve exploiting software vulnerabilities or simulating social engineering tactics, is key in any comprehensive cybersecurity strategy, offering a practical evaluation of potential risks rather than a theoretical one.

Our relentless pursuit of research and system testing allows us to uncover system vulnerabilities proactively. This crucial data is the building block of our products that are proactive, minimally disruptive, and crafted from the perspective of an attacker.

– Scott Reininga, WithSecure Executive Vice President (Solutions)

These insights were unveiled by Reininga during his recent product launch event titled ‘Co-security and co-managed services for partners’. He was joined on stage by WithSecure Vice President (Offering and Customer Experience) Niko Isotalo.

Expanding on WithSecure’s strategic approach, Isotalo said that the company’s outcome-based security framework model “connects Chief Information Security Officers (CISOs) and board members, offering clarity about the interplay between security outcomes and business objectives.”

This alignment clarifies the indispensable role of security in the core business framework to board members.

– Niko Isotalo, WithSecure Vice President (Offering and Customer Experience)

Recommended : Avanade Launches New Generative AI Services!

Reininga and Isotalo unveiled the three new offerings during their joint session. The first, termed “co-monitoring,” is a partnership model. WithSecure validates the genuineness of security incidents before alerting the duty manager, effectively curbing false alarms.

WithSecure collaborates with clients to supervise their digital ecosystems, particularly during periods when they are stretched thin on resources. This service, providing support beyond standard working hours, can also deliver round-the-clock monitoring if necessary.

Isotalo further introduced the second service, incident readiness software, recognising that many organisations lack comprehensive incident readiness plans.

Our software simplifies the creation, testing, and updating of such plans, which serve as essential shields against cyber threats.

Recommended : 5 Strategies for Negotiating Airfare Discounts with SAP Concur!

Focusing on the urgency of immediate incident response, Reininga introduced the third service, an incident response retainer.

Our incident response retainer provides unlimited incident response within the critical initial 72 hours of an event. We eliminate the need for negotiation about budget and resource allocation.

We engage consultants rapidly, supported by our globally lauded 24/7 incident response team and top-tier threat intelligence unit, guaranteeing our customers industry-leading service level agreements (SLAs).

By integrating offensive security acumen, co-monitoring capabilities, incident readiness software, and swift incident response, WithSecure empowers organisations to effectively safeguard their digital assets and curtail the impact of potential breaches.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > BusinessCybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

WithSecure Takes Offensive Security Approach To Cloud Threats!

WithSecure is harnessing the power of the offensive security approach in tackling evolving cloud threats!

 

WithSecure Takes Offensive Security Approach For Cloud Threats!

In a shifting cybersecurity landscape, WithSecure (formerly known as ‘F-Secure Business’) is harnessing the power of offensive security in its co-security and co-monitoring products and services. This revolutionary approach is designed to anticipate and mitigate cyber threats by understanding them from an attacker’s perspective.

During the recent SPHERE security conference 2023 in Helsinki, Finland, WithSecure’s Chief Product Officer, Antti Koskela, shed light on this approach.

We’ve done identity assessments for many cloud-based companies, unveiling weaknesses in their cloud platforms.

Our offensive security approach is about understanding the attack surface of a cloud-based estate. We focus on the digital perimeter, which is crucial to reducing the overall attack surface.

Koskela went on to explain that WithSecure has distilled this insight into an innovative managed service offering called ‘attack surface management’. This service provides a comprehensive view of a company’s vulnerabilities, including IP addresses, port vulnerabilities, exposed APIs and web services, identity matters, patching levels and more.

With more open architecture, control over your attack surface becomes paramount. ‘Zero trust’ alone isn’t the answer as human errors happen. Our holistic approach helps mitigate this.

Recommended : Avanade + Accenture: 2023 Microsoft Global SI Partner of the Year!

WithSecure’s product suite integrates various cloud-native solutions to deliver protection based on specific client requirements. This collaborative process, termed ‘co-security’, is driven by the security and business outcomes defined by the clients. Koskela emphasised the tripartite focus of their solution:

It’s about process, people, and technology. We collaborate to secure the outcomes, letting company directors steer the course of business.

Our WithSecure Elements platform is the cornerstone of our technology, built collaboratively with our clients.

Koskela acknowledged the evolution of the IT industry, from client-server in the ‘90s to hosted services in the 2000s, cloud computing in the 2010s and cloud-native in the 2020s. He underscored the need for a new security approach to match the evolving business environments:

The cloud offers agility, speed, cost-efficiency. But with new technologies come new security considerations.

WithSecure has been proactive, creating solutions for every technological shift – be it firewalling and endpoint protection during the hosted services era, or data security and VPNs for the cloud computing era.

And now, with the rise of cloud-native tech, we’re helping clients to understand and secure their digital perimeter through our offensive security approach.

Recommended : 5 Strategies for Negotiating Airfare Discounts with SAP Concur!

WithSecure Chief Product Officer, Antti Koskela (left), and APAC Regional Director Yong Meng Hong (right)

 

WithSecure Elements Picking Up In APAC

Since its mid-2021 debut, WithSecure’s Elements platform has gained considerable momentum here in Malaysia and the broader Asia-Pacific region. This comprehensive cybersecurity platform has made its mark by providing organisations with a unified solution to their security needs.

Elements equips enterprises with the insight, adaptability, and technology to tackle evolving threats and changing business environments.

Offering unified endpoint protection across devices, clouds and servers, Elements consolidates everything from vulnerability management and collaboration protection to detection and response into one easy-to-navigate security console.

– WithSecure Asia-Pacific Regional Director Yong Meng Hong

Yong further emphasised that the cloud-based Elements platform provides real-time visibility across an entire IT infrastructure, simplifying how enterprises manage their cybersecurity.

Flexible licensing options, including fixed-term subscriptions and usage-based billing, ensure that organizations can tailor their cybersecurity services according to their specific needs.

Elements offers centralised management capabilities, giving IT managers a comprehensive overview of their enterprise’s IT infrastructure, enhancing their reassurance and control.

Today, WithSecure is globally recognised, trusted by a myriad of enterprises to safeguard against cyber threats, while also protecting tens of millions of consumers through over two hundred service providers and telecommunications partners.

For organisations looking to navigate the cloud’s security challenges, WithSecure’s offensive security approach could be just the safeguard they need.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > BusinessCybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

How A University Student Lost RM22K In Online Job Scam!

Find out how a university student just lost over RM22,000 in an online job scam!

Please SHARE this article to warn your family and friends to avoid such online job scams!

 

Online Job Scam Are Targeting The Poor + Desperate!

Online job scams have been around for a long, long time. But fake job syndicates have become more active recently, probably because more people are getting laid off, and inflation is eating into our money.

Online job scams come in a variety of ways, but most commonly, you get unsolicited messages through WhatsApp or iMessage, offering you the opportunity to make a lot of money through part-time work, in the comfort of your own home.

This is especially appealing to people who are currently jobless and desperate. Or in this recent case – a university student who is just starting out in life.

I am Shirley , a permanent employee at XXXX Company in the recruitment department. The HR department sent me this number and asked me to contact you to get you to a job opportunity.

Hello! I am Miss Aisyah Binte Ahmed, from The Recruitment Dept. at YYYY Digital, Malaysia. Our company is hiring part-time and full-time online Employees. Can I briefly share the details with you?

Recommended : Scam Alert : How Fake Job Syndicates Operate!

 

How A University Student Lost RM22K In Online Job Scam!

I had earlier written about how fake job syndicates cheat people of their hard-earned money, but I didn’t realise that these scammers are also targeting university students!

A university student recently shared how he quickly lost over RM20,000 to an online job scam, despite being warned that it could be a scam!

How They Reel The Student In…

These online job scams always start by offering their victims an EASY way to make A LOT of money!

It all started two days ago, when an unknown person asked me if I’m interested in a part time job. I usually don’t decline offers like this because I’m also a student looking for internship or job opportunities.

He gave me simple tasks, like subscribing to YouTube channels and get RM10 for each subscription. I was interested as money did really go to my account.

Then, I was added into a group. They would give these free tasks of subscribing to YouTube channels.

These scammers also know that people are now wary of scams, and will always demonstrate their willingness to pay… at least in the beginning.

And occasionally will provide merchant tasks throughout the day, which you bank in a certain amount of money to them, which was said to help improve crypto merchant’s reputation or some sort, then they’ll return you a good amount of earnings after the task is completed. It takes around half an hour to do so. So for these two days I earned around RM500.

This is how the scammers establish trust with their victims, and convince them to “invest” to get even more money!

Recommended : Watch Out For Telegram Phishing Attack!

The Scam Happens Very Quickly

The “merchant tasks” is when they start scamming you, and the scam occurs very quickly. You may think that you’re earning a lot of money, but you will never see a cent of it.

So here’s where the fishing begins. A merchant task has started. A rule was stated that I must complete all the tasks given or I will not get the money that I banked in before.

It doesn’t matter how little you “invest” in this “merchant task” scheme. Once you are in, they will quickly use your “earnings” to force you to keep paying them!

I chose the least risk package, give RM300 to get RM360. Then, I was required to continue the next task. Same, I chose the smallest amount RM2000 to get RM2600. Again, need to continue the next task, I chose the smallest RM5000 to get RM7000. Then, RM15000 to get RM19500.

Then, RM40000 to get RM52000. At this point, I still haven’t realize it’s a scam. All I’m focussed on is I need to take back the money that I banked in, so I’m just thinking about completing the tasks given.

By The Time He Realised… It Was TOO LATE!

Because the university student was so engrossed in getting back the money he “invested” earlier, he didn’t realise that he was giving the scammers more and more money… until it was much too late.

There’s one trick that this scammer is using. He let me start with a small investment, then proceed with stages. They force me to continue because I want to rescue the money that I put in in the previous task. So it keeps getting bigger and bigger.

Unfortunately, by the time the university student realised his mistake, it was much too late… He had already lost over RM22K!

At that time, I have not enough money in my bank to fork out RM40k. So I panic and find my friend to lend me some money.

Luckily my friend as a sideliner noticed that this is a scam and stopped me. I woke up finding that evervthing was too late. Just like that, two days, RM22300, gone.

Recommended : Must You Disable Facebook Auto-Fill To Block Scams?!

Scammers caught on CCTV by hacker

Many People In The Group Are Scammers

As the university student later realised, many of the people in the group are part of the online job scam syndicate. Their job is to give the victims the perception that this is a legitimate job with many people participating.

During merchant tasks, I’m asked to leave the big group and will be joining a small group of 3-4 members. One of the scary parts in this operation after I realize it’s a scam is that, all the group members in the group are actually controlled by the same person.

Out of the 4 members, two might be playing rich vips who will play the highest package, pressuring you to play with more money, the other person looks like a newcomer like me and plays along with me, choosing the lowest package.

Precautions Were Useless

The university student was actually warned by his parents that it could be a scam. He even prepared for the possibility he could be scammed:

Some Precautions | Made While Attempting This:

I was being very careful with this. I shared with my parents on the first night. My parents did warned me about it being a scam, but didn’t stop me from it since I’m earning something. They just ask me to be extra cautious.

I have two bank accounts, so I moved most of my savings such that I have a “small” account and a “big” account, to prevent losses if anything goes wrong.

I also created a new chat account with another phone number solely for this “part time job”. I also made a plan and promise to only invest my earnings, so I cannot touch my savings.

But as German Field Marshal Helmuth von Moltke once said, “No plan survives contact with the enemy“, and the student’s precaution was useless when he got “emotionally invested” in getting his money back, and ended up taking out all of his saving from the “big account”!

I believe we always read about news of scams in Malaysia, asking why are they so dumb, why they fall into these type of scams. Until I’m in their shoes. I was being very cautious taking the above steps and always remind myself to not be greedy, play only the least risk.

The worse part is, when I’m within that situation and cannot think straight. I even use my savings from my “big” account, just because I want to rescue the money I put in.

Recommended : How To Block Facebook Ads + Pay Scammers!

The university student is now “emotionally depressed” and “thinking about suicide” over the loss of so much money. But do the scammers care? No, they couldn’t care less if people commit suicide over the loss of their hard-earned money.

He has also contacted his bank fraud hotline, and lodged a police report. Unfortunately, he is unlikely to ever recover any of the money he lost. But I hope he understands that his life matters more to his family than money, and he can always make back the money as long as he lives.

Please SHARE this article out, and WARN your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Wedding Invitation Scam : Don’t Install APK File!

Please watch out for the wedding invitation scam, and find out why you should NEVER install any APK file from strangers!

Find out what’s going on, and warn your family and friends!

 

Wedding Invitation Scam Gone Viral!

A new scam has gone viral on social media in Malaysia – the wedding invitation scam. In this scam, scammers contact their victims on WhatsApp, pretending to send them an APK file as a wedding invitation!

Here is the Malay version of the scam messages, and their English translations.

Dengan rasa kesyukuran, Menjemput Tuan ZAITON OTHMAN Ke Majlis Perkawinan Anak Kami
Sila Klik instal Apk untuk dapatkan kad kahwin digital kami ⬇️⬇️
Sila klik instal nampak kad kahwin digital kami 🙏, agar nak tau Siapa 😀

With gratitude, Inviting Mr. Zaiton Othman to our Son’s Wedding
Please click install Apk to get our digital wedding card ⬇️⬇️
Please click install to see our digital wedding card 🙏, to know who this is 😀

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Wedding Invitation Scam : Don’t Install APK File!

This is yet another example of a Mobile Application Scam, and here are the reasons why…

Fact #1 : APK Is Android Installation File

First, it is important to know that APK files are not used to deliver wedding invitations, or photos and videos.

Short for Android Package Kit, an APK file is used to install software in Android devices. Think of it as the Android equivalent of an EXE installation file for Windows software.

Fact #2 : You Should Never Install APK File, Unless You’re An Expert

APK files, by definition, are merely installation files for Android devices. They can be used for legitimate purposes, as well as nefarious purposes.

However, legitimate Android apps are mostly delivered through proper mobile app platforms like Google Play Store and the HUAWEI App Gallery, where they are often scanned for malware before people are allowed to download and install.

Therefore, you should never download and install an APK file outside of legitimate mobile app platforms, unless you are an expert who needs to “sideload” an APK for a specific reason.

Now, this does not mean that only Android devices are vulnerable. Apple is slated to offer the ability to sideload apps too with iOS 17.

Fact #3 : Scammers Use APK Files To Install Malware

In most, if not all, cases where you receive an APK file from a stranger on WhatsApp, Telegram, through email or social media platforms, it is likely to contain malware.

Scammers use APK files containing malware to gain access to your phone. After you install these malware APK files, scammers can do anything – read your messages, steal your photos and videos, gain access to your TAC / OTP alerts, etc.

Recommended : Can SIM Swap empty bank accounts without warning?!

Fact #4 : APK File Scam Not Limited To Wedding Invitations

These mobile application scams are not just limited to wedding invitations, or offers to deliver illicit photos and videos. Scammers have also convinced their victims to install these APK malware files to :

  • book cheap temporary maid / cleaning services
  • book cheap air-conditioning services
  • book exclusive restaurants
  • receive special discounts
  • make investment transactions

Fact #5 : Scammers Use Social Engineering + Stolen Data

It is important to remember that scammers will use a combination of social engineering and stolen / purchased data to convince you to install their APK malware.

They may know your name, your MyKad number, your address and your telephone number. They may even know who is in your family, and even have your bank account or credit card details. All that information can be purchased from unscrupulous sources.

In some cases, scammers have taken over social media accounts and used them to trick the account holder’s family and friends into installing such APK malware files.

No matter who tells you to do it – even if they are your family member or friend, NEVER download and install an APK file.

Recommended : Scam Alert : How Fake Job Syndicates Operate!

Fact #6 : Bank Negara Malaysia Warned About Mobile App Scam

Bank Negara Malaysia has long warned consumers about such mobile application scams.

Be wary of clickable hyperlinks that redirects you to a site, or downloads an application to your phone. Banks will no longer send you any clickable hyperlinks via SMS!

Only download applications from your smartphone’s official application platforms (e.g. Google Play Store, [Apple] App Store, Huawei App Gallery).

Fact #7 : PDRM Confirmed This Is A Scam

On Monday, 19 June 2023, PDRM Commercial Crimes Investigation Department (CCID) Director Datuk Seri Ramli Mohamed Yoosuf warned the public about this wedding invitation scam:

This new tactic asks for an individual to open the link prepared to receive the wedding invitation. However, that’s the trick to steal information from the public and to make online transfer. The public are advised to avoid getting caught up in any message from questionable sources.

Please help us FIGHT SCAMMERS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Money | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Scam Alert : How Fake Job Syndicates Operate!

Find out how fake job syndicates operate, and how they reel you into their scams, and cheat YOU of your hard-earned money!

Make sure you SHARE this article, to warn your family and friends to avoid the fake job scams!

 

Fake Job Scams : What Are They?

Fake job scams have been around for a long, long time. But fake job syndicates have become more active recently, probably because more people are getting laid off, and inflation is eating into our money.

Fake job scams come in a variety of ways, but most commonly, you get unsolicited messages through WhatsApp or iMessage, offering you the opportunity to make a lot of money through part-time work, in the comfort of your own home.

Good day YouTubers!! This is Alexa from Youtube Entertainment. We invite you to participate in our event by liking and subscribing to our channel and we will give you XXX. Please reply “YES” if you are interested. Thank you.

Hi, I’m the recruitment manager of XYZ company. XYZ invites you to do regular work at home.

You can easily earn [large amounts of money] with your mobile phone every day, and your salary will be settled on the same day.

Please add my WhatsApp to sign up. The number of places is limited, only for today.

Hey! You have been selected for a job. Daily salary XXXX to YYYYY. WhatsApp [number removed]. Reply YES to apply.

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Scam Alert : How Fake Job Syndicates Operate!

I personally have received many of such fake job offers, and have always ignored them. But when I saw a sudden surge of fake job offers, I decided to look into it. I also wanted to find out how they worked.

So I took a dive into two different fake job scams last week, and here was what I found…

How They Reel Their Victims In

It all starts with scammers tasked with “fishing” for victims. They will try to contact you by email, Facebook Messenger, SMS, WhatsApp, Telegram, or iMessage. Regardless of the method, the hook is simple – we are offering you an EASY way to make A LOT of money!

Once you are suitably impressed, these “fishing” scammers will offer you a simple task to show you just how easy it is to make a lot of money. To entice me, the two scammers offered me a pretty good sum of money for a very simple task:

Syndicate A : Subscribe to this YouTube channel, and send me the screenshot to receive XXXX.

Syndicate B : Like this YouTube video, and send me the screenshot to receive YYYY.

Recommended : Watch Out For Telegram Phishing Attack!

The Fishing Scammer Hands You Over To The Syndicate

After you complete that task, the fishing scammer then hands you off to the actual fake job syndicate, ostensibly for payment. You are asked to contact the company secretary / account manager on Telegram, with a “payment code”.

From what I surmise, the “payment code” is actually the fishing scammer’s referral code – they get paid for every victim they send the syndicate.

This will be your last contact with these fishing scammers. They are off to reel in more victims!

Recommended : Must You Disable Facebook Auto-Fill To Block Scams?!

Syndicate Baits You With Payment

The syndicate secretary / account manager will ask you to register your details with them, but they are not too particular with any details, except for your phone number. If you give them the fake number, they will know because they will check with the fishing scammer using their referral code. But feel free to give them other fake details – they won’t care.

The fake job syndicate will then send you the payment for that “test” job, using a mule account. If you ask them why they are sending you the money through a different company account or even a random person’s account, they will tell you that they have many bank accounts because of daily transaction limits.

Syndicate Baits You With Simple Tasks

The syndicate will then add you to their Telegram channel offering multiple tasks per day. Instead of YouTube channels or videos, you are tasked to very simple tasks like:

  • open a link to a product page on an online shopping platform
  • take a screenshot of that product page
  • post that screenshot to the Telegram group
  • share that screenshot with your syndicate agent

You will breeze through the first three tasks easily, and the fake job syndicate will pay you promptly.

Fantastic, isn’t it? What could go wrong? After all, there are hundreds of other people participating in the same tasks, and getting paid!

Recommended : Can SIM Swap empty bank accounts without warning?!

Syndicate Tempts You With Pay To Earn Scam

At this point, you have done some calculations, and realise that you can easily make good money every day doing these simple tasks.

That’s when the fake job syndicate offers you the opportunity to make some serious cash. But there’s one catch – you need to PAY them to get access to jobs with serious money.

For every dollar you prepay, the fake job syndicate promises that you will get that back PLUS 10% to 30%, within minutes. Just in case you are worried about losing your money, hey, they are offering a refund. Honest!

And how can they offer you so much money for so little work? The syndicate throws in the magic word – cryptocurrency! Of course! That’s the only way anyone can make tons of money easily, with both eyes closed!

Recommended : BitiCodes Scam Alert : Fake Celebrity Endorsements!

Syndicate Pressurises You With Bots

To convince you that they are legit, you will see many people posting screenshots of their payments to the Telegram group. They will also publicly announce how much they are investing. In some cases, they also post excitedly about how much money they already made, and how much they plan to make today.

This is just a charade to make you believe that people are really making money through this scheme. Most of these “participants” appear to be bot accounts, with a few sock puppet accounts. If you monitor these accounts over time, you will see them change names. I even spotted one of these fake participants (mercado livre in the screenshot above) become the Telegram group admin!

The genuine victims are those asking questions in the group like “We have to prepay?” But oddly enough, no one else in the group (except the Telegram group admin) will respond. That’s not how real people behave.

And if you check their receipts, you will notice some discrepancies in their receipts, which suggest that they were edited:

  • transfers within the same bank were labelled as transfers “to other banks”.
  • account numbers are too short / long for that particular bank

The others are possibly genuine receipts (by people who were scammed earlier), with their dates and times changed.

Recommended : 2023 Turkey Earthquake : Fake Photos + Scam Alert!

Once You Pay, It’s Game Over

I managed to get in touch with two victims of this scam, who claimed that once they deposited the prepaid amount, they were ghosted and removed from the Telegram group.

So that appears to be the scam – they bait you with a bit of money, until you are convinced that they are real. Then once you prepay them for the “big job”, they dump you right away.

Your assigned syndicate agent will block you, and you will get kicked off the Telegram group, which often disappears after scamming a few victims. Often, you will find your Telegram conversations with them mysteriously deleted. By then, it’s much too late – you have already lost your money.

To ensure they don’t lose money, they will price the introductory offer low enough to entice victims, but high enough to cover their costs and then some. But they will inevitably score some big fish, which is why the fake job scam persists.

Now that you know how the fake job scam works, please DO NOT get trapped into it! NEVER pay to get a job. It is just a scam!

Please SHARE this article out, and WARN your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Gigabyte motherboards shipped with firmware backdoor!

Millions of Gigabyte motherboards and laptops shipped with a built-in backdoor in its UEFI firmware!

Here is what you need to know about this cybersecurity danger, and what you can do about it!

 

Gigabyte Motherboards Shipped With Firmware Backdoor!

On 31 May 2023, researchers at the cybersecurity firm Eclypsium revealed that 271 Gigabyte motherboard models have been compromised with UEFI firmware with a built-in backdoor!

Eclypsium’s heuristic detection methods recently began flagging suspicious backdoor-like behaviour in Gigabyte motherboards. When its researchers looked into it, they found that Gigabyte motherboard firmware was executing a Windows native executable during the system start up process. This executable then insecurely downloads and executes additional payloads.

From their analysis, the executable appears to be a legitimate Gigabyte module called WpbtDxe.efi:

  • it checks to see if the “APP Center Download & Install” feature is enabled
  • it downloads executable payloads from Gigabyte servers
  • it has a Gigabyte cryptographic signature

They also found that the downloaded payloads have Gigabyte cryptographic signatures too, which suggest that this firmware backdoor was implemented by Gigabyte itself.

However, Eclypsium researchers discovered that the Gigabyte implementation had a number of problems, which would make it easy for threat actors to abuse the firmware backdoor:

  • one of its payload download locations lacks SSL (using plain HTTP, instead of the more secure HTTPS), allowing for Machine-in-the-middle (MITM) attacks
  • remote server certificate validation was not implemented correctly even when the other two HTTPS download locations were used, which allows for MITM attacks
  • one of its payload download locations is a local network-attacked storage device (NAS), which could allow a threat actor to spoof the location of the NAS to install their own malware
  • the Gigabyte firmware itself does not verify any cryptographic signatures, or validates the downloaded executables.

In short – millions of Gigabyte motherboards have a cybersecurity vulnerability, due to their firmware which includes an insecure / vulnerable OEM backdoor. As John Loucaides from Eclypsium put it:

If you have one of these machines, you have to worry about the fact that it’s basically grabbing something from the Internet and running it without you being involved, and hasn’t done any of this securely.

The concept of going underneath the end user and taking over their machine doesn’t sit well with most people.

Note : This vulnerability affects all computers using Gigabyte motherboards, including laptops.

 

Gigabyte Rolls Out New Firmware To Mitigate Backdoor!

After the news blew up inconveniently during Computex 2023, Gigabyte quickly rolled out new beta firmware upgrades for its AMD and Intel motherboards.

According to Gigabyte, the new beta firmware upgrades have “improved security mechanisms” that will “detect and prevent malicious activities during the boot process“. It also appeared to have implemented other changes:

  • enhanced the signature verification process for fils downloaded from its remote servers
  • conduct more thorough checks of file integrity to prevent the introduction of malicious code
  • enabled standard cryptographic verification of remote server certificates

The new firmware has just been released for AMD 600-series motherboards, as well as Intel 500- and 400-series motherboards, but will eventually be introduced for older motherboards. The new firmware will have the description, “Addresses Download Assistant Vulnerabilities Reported by Eclypsium Research“.

As Gigabyte does not intend to remove the backdoor feature, you might want to consider Eclypsium’s advice on how best to reduce the risk of malicious actors taking advantage:

  1. Scan and monitor systems and firmware updates in order to detect affected Gigabyte systems and the backdoor-like tools embedded in firmware. Update systems to the latest validated firmware and software in order to address security issues like this one.
  2. Inspect and disable the “APP Center Download & Install” feature in UEFI/BIOS Setup on Gigabyte systems and set a BIOS password to deter malicious changes.
  3. Administrators can also block the following URLs:
    – http://mb.download.gigabyte.com/FileList/Swhttp/LiveUpdate4
    – https://mb.download.gigabyte.com/FileList/Swhttp/LiveUpdate4
    – https://software-nas/Swhttp/LiveUpdate4

For starters, you should definitely download and update your Gigabyte motherboard or laptop with the improved firmware. Then disable APP Center Download & Install in the BIOS.

Let’s hope Gigabyte will be able to quickly issue new and improved firmware to mitigate, if not remove, the backdoor vulnerability for the affected 271 motherboard models, and its future motherboards and laptops. Even so, many users might not be aware of this vulnerability or these updates.

It seems likely that threat actors will have access to this backdoor vulnerability in many Gigabyte motherboards and laptops for years to come. Even Eclypsium’s Loucaides believes so:

I still think this will end up being a fairly pervasive problem on Gigabyte boards for years to come.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Computer | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can Restaurant Menu QR Code Hack Your Phone?!

Did the FBI just warn people to avoid using the restaurant menu QR code, because it can hack your phone?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : FBI Says Restaurant QR Code Can Hack Your Phone!

People are sharing a Daily Mail article, or screenshots of it, which claims that the FBI just warned people not to use any restaurant menu QR code because it can allow hackers to steal your data!

Here is an excerpt from the Daily Mail article. Feel free to skip to the next section for the facts!

Why you should ALWAYS ask for a physical menu: FBI warns hackers are planting fake QR CODES in restaurants that steal your data when you click the link

  •  Scammers are making fake QR codes to place on top of real ones 
  • This is letting them access smartphones and steal personal data

QR codes have become the new default for accessing restaurant menus across the US post-Covid — but scammers are seizing upon the new practice.

The FBI warns thieves are creating fake QR codes and planting them at eateries, retail shops and even parking meters.

Instead of taking you to an online menu or checkout, the links instantly download malware onto your device, stealing your location and personal information

The FBI has urged consumers to look out for typos or misplaced letters in URLs accessed through QR codes and ask restaurants for a physical menu.

Recommended : MSI Users At Risk Of Rogue BIOS / Firmware Updates!

 

Truth : FBI Did Not Say Restaurant QR Code Can Hack Your Phone!

This appears to be a “misunderstanding” of an actual FBI warning about QR codes. Here is what you need to know about the risks of scanning a QR code for a restaurant menu.

Fact #1 : FBI Issued QR Code Warning In January 2022

I could find no reference to a recent QR code warning by the FBI, and oddly enough, The Daily Mail did not provide a source or link to the FBI warning its article was referring to.

The FBI only released one public service announcement (PSA) about QR codes, and that was Alert Number 1-011822-PSA which was released on January 18, 2022.

If that was the source for the Daily Mail article, then it’s more than a year old, and not recent as the article appears to suggest.

Fact #2 : FBI Warned About General QR Code Risk

The FBI advisory was a general warning about the risks of tampered QR codes. Specifically, it warned about cybercriminals tampering with both digital and physical QR codes.

The FBI is issuing this announcement to raise awareness of malicious Quick Response (QR) codes. Cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.

Cybercriminals tamper with both digital and physical QR codes to replace legitimate codes with malicious codes. A victim scans what they think to be a legitimate code but the tampered code directs victims to a malicious site…

Fact #3 : FBI Advisory Did Not Mention Restaurant / Menu

Interestingly, the entire FBI advisory did not once mention restaurants or menus, and that makes a lot of sense.

It is odd to focus on the risk of using QR codes for online menus in restaurants, when they are used in so many other ways today – from making mobile payments, as mobile tickets, login tokens, etc.

Any security risk involving restaurant menu QR codes would also apply to QR codes used for other purposes. So it really doesn’t make sense for the FBI to “pick on” restaurant menu QR codes.

Recommended : Can Approve New Participant block WhatsApp hackers?!

Fact #4 : QR Code Is Not Malicious In Nature

QR code (which is short for Quick Response code) is not nefarious or malicious in nature. The FB advisory specifically pointed that out – “QR codes are not malicious in nature“.

The QR code is merely a type of two dimensional barcode that was invented in 1994 by the Japanese company, Denso Wave, to track automotive parts. It has since been adopted for other purposes because it is more efficient and can support more than just numbers. For example, Version 40 QR code can contain up to 7,089 numbers or 4,296 characters.

Ultimately, a QR code is nothing more than a series of numbers or characters – data which can be used for a variety of purposes, including providing a link to an online restaurant menu.

Fact #5 : QR Code Can Be Tampered With

It is true that QR codes can be tampered with. In fact, the FBI advisory was issued after Texas police departments discovered fraudulent QR code stickers on parking meters in San Antonio and Austin. Drivers who scanned those fake QR codes were taken to a scam website. instead of the real payment website.

Hence, the FBI issued that warning to remind people to check the URL link to make sure that it is the intended website, and not a phishing page with a similar link. For example, the fake website may use www.quikpay.com when the real website is www.quickpay.com.

To completely avoid this risk, avoid using QR code to access a payment website. Always go directly to the payment website on your smartphone’s web browser by keying in the link yourself. Genuine payment labels with a QR code will often include a direct URL link for you to use as a safer alternative.

Recommended : How To Block Facebook Ads + Pay Scammers!

Fact #6 : Restaurant Menu QR Code Is Low Risk

While scammers can place fraudulent QR codes over genuine ones at restaurants, bars, and other eateries, this is a very unlikely attack vector.

That’s because restaurants often use QR codes to redirect you to an online system to order food and drinks for your table. Imagine if you scan a fraudulent QR code and are asked to key in your credit card details. That would be absurd, and you would surely complain to the waiter since you haven’t even ordered your food!

In most cases, you are not expected to pay at the table using QR code. You either pay using cash / credit card / mobile payment using QR code at the payment counter. Even if that QR code is compromised, the cashier would notice it immediately as any payment made using that QR code would not reflect in the restaurant’s point-of-sale (POS) system.

And payment only occurs after dining – a fraudulent QR code that leads you to a fake website won’t allow you to actually order anything, since it’s not connected to the real restaurant and its ordering system. That’s why this attack vector is highly improbable.

In any case, many restaurants now generate temporary QR codes on disposable paper stubs to avoid this risk. The QR code is only valid for your dining session. The next person to dine at the same table will receive a different QR code.

Fact #7 : QR Code Can Potentially Inject Malware

It is possible for QR code to inject malware into the smartphone that you are using to scan. In fact, there are apps like QRGen that allow scammers / hackers to easily generate malicious QR codes. However, it isn’t quite as simple as the article makes it out to be.

For one thing – malware and exploits are limited to specific operating systems or phone models. For example, an Android exploit / malware won’t work on iPhones. Or an exploit / malware that makes use of an Android 11 vulnerability won’t work on newer / updated Android smartphones since they would have patched the exploit.

Second – any malware will require considerable amounts of code to load. The scammer / hacker will have to use an enormous QR code like the version 40 example below, or it will need to convince you to download and install the malware package itself.

Recommended : Must You Disable Facebook Auto-Fill To Block Scams?!

Genuine restaurant menu QR codes are simple – like the version 1 / version 10 examples above, because they only serve a link to their online menu / ordering system. If you see a large and complex QR code like the version 40 example, avoid scanning it, and ask the restaurant staff to verify its authenticity.

Restaurant menu QR codes would also never ask you to download or install anything. They only serve to load a link to an online menu / ordering system, so if you are asked to download or install anything, do NOT proceed, and notify the restaurant.

These tips also apply to other businesses that use QR codes to show you a menu, discounts, offers, information, etc.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | MoneyTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Malaysian Telcos Ban SMS Links To Prevent Scams!

Malaysian telcos have started banning SMS links, as part of the MCMC’s initiative to prevent scams! Here is what you need to know!

 

Malaysian Telcos Ban SMS Links To Prevent Scams!

On Tuesday, 2 May 2023, four Malaysian telcos – Maxis, Celcom, Digital and U Mobile started banning SMS links, as part of the MCMC’s initiative to prevent scams.

From this day onwards, users will be blocked from sending or receiving SMS with a link. MCMC had earlier issued the directive to all telcos on February 14, 2023, but the ban on SMS links is only now being implemented.

The ban on SMS links is currently not mandatory for all telcos, and is being implemented in phases. Currently, the ban is limited to SMS between individuals.

Businesses using short codes like 6XXXX, 2XXXX and 1XXXX will eventually be banned from including a URL link in their SMS messages. They will be given time to switch to other methods to send promotional messages with links to their customers.

The MCMC has issued a directive to all telcos to block sending and receiving of SMS with URL link. The objective is to prevent users from becoming victims of online scams

MCMC issued the directive to all service providers on Feb 14 and is currently assessing the progress. For now, the block is still not mandatory.

The blocking of person-to-person SMS with URL links will take effect from 2 May 2023. For SMS sent by business via short codes such as 6XXXX, 2XXXX and 1XXXX, this will be done later and specific notification to business users will be sent.

Malaysia Deputy Communications and Digital Minister Teo Nie Ching said in February 2023 that blocking such SMS links will ensure that people won’t click on them and possibly end up as a scam victim.

Recommended : Scam Alert : Watch Out For Telegram Phishing Attack!

 

Only SMS Links Banned, Links Via Other Platforms Still A Risk

While this measure is really helpful in reducing scams, the ban is limited to SMS links. Scammers can still send links through instant messaging platforms like WhatsApp, Telegram, Facebook Messenger, WeChat, etc.

That does not mean that links are inherently bad. Links in messages, even SMS messages, are mostly safe.

Perfectly Fine

  • Clicking on a link to read an article / terms and conditions of a promotion
  • Clicking on a link to enrol in a promotion which does not require you to log into any website
  • Clicking on a link to check in for a flight, or get a travel update

However, they can be used to send you to a phishing website which is designed to look like a genuine bank / payment website. Hence, it is critical that you should NEVER log into any website through a link.

NEVER DO THIS

  • Clicking on a link to log into a bank website
  • Clicking on a link to make a purchase or payment
  • Clicking on a link to log into any account / email

Phishing attacks work by tricking you into going into a fake website that looks like the real website. But you still have to log into the fake website to give the scammers your login details.

If you click on a link, and you are asked to login – this is likely a phishing attack. But don’t worry – as long as you refuse to log into any website after clicking on a link, the phishing attack fails.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > CybersecurityMobile | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can hackers use Good Morning greetings to hack you?!

Can hackers use Good Morning videos, pictures and messages to hack your devices, and steal your data?!

Find out what is happening, and what the FACTS really are!

Updated @ 2023-04-21 : Updated with a new 2023 version of the hoax
Originally posted @ 2022-11-01

 

Claim : Hackers Are Using Good Morning Messages To Hack You!

This post about Chinese hackers using Good Morning videos, pictures and messages to hack your devices, keeps going viral on social media and WhatsApp.

It’s a long message, so just skip to the next section for the facts!

Dear friends, please delete all welcome photos and videos in Good Morning format and the like. Read below the article to the end, which will be clear why I ask about it. From now on I will only send personally prepared greetings.

Read all! Please send this message urgently to as many friends as possible to prevent illegal intrusion.
Warning from Olga Nikolaevnas lawyer:

Recommended : Can Approve New Participant block WhatsApp hackers?!

 

Truth : Good Morning Greetings Not Being Used To Hack You!

Many of us get spammed with Good Morning or Good Night messages every day from family and friends.

While they often clog up Facebook, Telegram and WhatsApp groups, they really do NOT allow hackers to hack your devices.

Here are the reasons why Good Morning messages are very irritating, but harmless…

Fact #1 : Shanghai China International News Does Not Exist

The news organisation that was claimed to be the source of this warning – Shanghai China International News –  does not exist!

Fact #2 : Good Morning Greetings Not Created By Hackers

Hackers (from China or anywhere else) have better things to do than to create these Good Morning pictures and videos.

They are mostly created by websites and social media influencers for people to share and attract new followers.

Recommended : Scam Alert : Watch Out For Telegram Phishing Attack!

Fact #3 : No Fraud Involving Good Morning Messages

There has been no known fraud involving Good Morning or even Good Night messages, videos or pictures.

Certainly, half a million victims of such a scam would have made front page news. Yet there is not a single report on even one case…. because it never happened.

Fact #4 : Image-Based Malware Is Possible, But…

Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.

It is also possible to embed malicious code within a Good Morning photo, but it won’t be a full-fledged malware that can execute by itself.

At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest…

Recommended : How To Block Facebook Ads + Pay Scammers!

Fact #5 : Image-Based Malware Requires User Action

In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.

However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website.

Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.

Such a clever way to bypass malware checks, but even so, this image-based malware requires user action.

You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.

Fact #6 : Malicious Code Executes Immediately

If you accidentally download and trigger malware, it will execute immediately. It won’t wait, as the hoax message claims.

Deleting Good Morning or Good Night photos or videos will free up storage space in your phone, but it won’t prevent any malware from executing.

There is really no reason for malware to wait before it infects your devices. Waiting will only increase the risk of detection.

Whether the malware serves to take over your device, steal your information or encrypt it for ransom, it pays to do it at the first opportunity.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

MSI Users At Risk Of Rogue BIOS / Firmware Updates!

MSI users are at risk of rogue BIOS / firmware updates, after hackers got hold of its source codes, private keys and BIOS firmware!

 

MSI Hit By Ransomware Attack + Data Theft!

On 7 April 2023, MSI (Micro-Star International) was hit by a ransomware attack, in which the hackers allegedly exfiltrated 1.5 terabytes of source codes, BIOS firmware, private keys and other data from its servers.

In its terse regulatory filing with the Taiwan Stock Exchange (TWSE), MSI admitted that it was hacked, but did not detail the circumstances or nature of the attack.

After detecting some information systems being attacked by hackers,MSI’s IT department has initiated information security defense mechanism and recovery procedures. The Company also has been reported the anomaly to the relevant government authorities.

MSI claimed that the attack had “[no] significant impact our business in terms of financial and operational currently“, but said that it was “enhancing the information security control measures of its network and infrastructure to ensure data security.

In a public statement, MSI also urged users to only obtain firmware / BIOS updates from its official website, and refrain from using other sources.

Read more : MSI Hit By $4 Million Ransomware Attack + Data Theft!

 

Stolen Data Exposes MSI Users To Rogue BIOS / Firmware Updates!

The MSI ransomware attack and data theft appear to be committed by the Money Message ransomware gang, which has threatened to release the 1.5 terabytes of critical data that it exfiltrated from MSI servers.

While MSI has apparently restored files encrypted by the ransomware, exposure of the private keys and source codes, will likely allow Money Message or other threat actors to develop rogue BIOS or firmware updates.

Installing rogue BIOS / firmware updates will give the malware the access level of a super-low-level rootkit, giving it full control over your computer, with the ability to spy on almost everything you do. Such malware will also be extremely difficult to detect and remove. After all, it boots up before the operating system!

These days, rogue BIOS or firmware updates are much less of a problem because they are usually digitally-signed by the vendor, MSI in this case. Even if threat actors distribute Trojanised downloads for MSI users, they cannot create the right digital signatures for those files.

However, now that MSI’s private keys have been stolen, they can be used to create rogue BIOS or firmware updates with authentic digital signatures! MSI users downloading and installing those updates will never know the difference.

Recommended : Can Approve New Participant block WhatsApp hackers?!

The biggest risk right now is with PC hardware enthusiasts who enjoy installing unofficial firmware updates to gain access to special settings. That is precisely why MSI is urging its users to only download files from its official website.

Of course, this assumes that the MSI download servers are secure, and have not been compromised. If the threat actors have access to the MSI download servers, they can insert Trojanised downloads with proper signatures, and MSI system administrators may be none the wiser!

Let’s hope that this incident forces MSI to take a much closer look at its cybersecurity measures, and run penetration tests to ensure that its download servers are secure. Otherwise, some threat actors will likely hit pay dirt with MSI users!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | ComputerTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

MSI Hit By $4 Million Ransomware Attack + Data Theft!

MSI just got hit by a massive ransomware attack, but even worse – it lost a ton of critical data to the hackers!

 

MSI Hit By Ransomware Attack + Data Theft!

On 7 April 2023, MSI (Micro-Star International) was hit by a ransomware attack, in which the hackers allegedly exfiltrated 1.5 terabytes of source codes, BIOS firmware, private keys and other data from its servers.

In its terse regulatory filing with the Taiwan Stock Exchange (TWSE), MSI admitted that it was hacked, but did not detail the circumstances or nature of the attack.

After detecting some information systems being attacked by hackers,MSI’s IT department has initiated information security defense mechanism and recovery procedures. The Company also has been reported the anomaly to the relevant government authorities.

MSI claimed that the attack had “[no] significant impact our business in terms of financial and operational currently“, but said that it was “enhancing the information security control measures of its network and infrastructure to ensure data security.

In a public statement, MSI also urged users to only obtain firmware / BIOS updates from its official website, and refrain from using other sources.

Read more : MSI Users At Risk Of Rogue BIOS / Firmware Updates!

 

Hackers Demand $4 Million From MSI To Not Release Stolen Data

The MSI ransomware attack and data theft appear to be committed by the Money Message ransomware gang.

While MSI has apparently restored files encrypted by Money Message’s ransomware, the gang now has access to about 1.5 terabytes of critical MSI data.

According to BleepingComputer, chats between Money Message and an MSI representative show the gang demanding a ransom payment of $4 million. Otherwise, Money Message will release the stolen files.

To show that they did indeed steal those MSI files, Money Message posted screenshots of what they describe was MSI’s Enterprise Resource Planning (ERP) databases and files containing software source code, private keys, and BIOS firmware.

Recommended : Can Approve New Participant block WhatsApp hackers?!

If Money Message releases MSI confidential data, it may not just be embarrassing for the Taiwanese company, it could allow other threat actors to use the source code and private keys to create malware targeting their customers.

In light of that, MSI users should only download and install software or BIOS firmware from the official MSI website.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Scam Alert : Watch Out For Telegram Phishing Attack!

Watch out for the phishing attack that will allow scammers to take over your Telegram account!

 

Scam Alert : Watch Out For Telegram Phishing Attack!

Scammers are now targeting Telegram users with a phishing attack that is designed to trick them into giving up their accounts! The Telegram phishing attack works like this:

Step 1 : The scammer gains control of your friend’s Telegram account, and sends this message to you:

Dear Telegram users. The system detects that this account is abnormal and has potential security risks.

To ensure that you can log in to your account normally, you need to invite friends for auxiliary verification  

The risk control account has not been verified. The system will cancel the account after 24 hours! 

Personal Information Authentication:[link removed]

Step 2 : The scammer, masquerading as your friend, asks you to help him/her verify his/her Telegram account by clicking on the link.

There are security risks in my account, and I need friends to help me verify it. Please click on the official link to help me verify it and follow the prompts. thank you

Step 3 : If you click on the [removed] link to help your friend, you will be taken to a website that looks like an official Telegram website. DO NOT DO THIS.

Step 4 : You will be asked to log into your Telegram account on the fake website. DO NOT DO THIS.

Step 5 : The fake Telegram website will ask you to key in your Login code, or take and upload a screenshot of your Telegram. DO NOT DO THIS.

Step 6 : If you continue, the scammer will be able to take over your Telegram account, and use it to scam your friends by asking them for money, etc.

The scammer will also have access to your Telegram chats, and all associated media including photos and videos, which could potentially be leaked or used to extort you or other people.

Recommended : Beware Of Telegram Screenshot Hack + Scam!

 

How To Protect Against Telegram Phishing Attack

A phishing (pronounced as fishing) attack is a social engineering attack, that uses your trust for an institution (like a bank), authority (Telegram), or someone you know, to give up your login details.

Here are some ways you can protect yourself against any phishing attack on Telegram, or other platforms.

Verify Identity Before Trusting

Many people fall for phishing attacks because it is human nature to trust your friends and to help them. However, on instant messaging apps, you don’t actually know if it’s really your friend on the other end!

So if a friend messages you on Telegram, WhatsApp, Facebook, Twitter, Instagram, etc to ask for help, ALWAYS verify their identity before proceeding.

If possible, call or message your friend on the phone, or via a different platform (use WhatsApp if the request came on Telegram, for example).

But if you are unable to call your friend, try asking the other person something that only your real friend would know:

  • Do NOT ask questions like “Are you really Sarah??
  • Do NOT ask questions that can be answered by reading previous chat messages.
  • Ask something that only you and your friend would know, like “Hey Sarah, what was that restaurant we went to last week?
  • Ask a fake question that your friend would readily know is not true, like “Hey Sarah, are you coming over tonight?

If the other person cannot answer or gives you the wrong answer, he/she is not your friend, and that account has likely been taken over by a scammer.

Recommended : How To Block Facebook Ads + Pay Scammers!

Look At The Link

Whenever you see a link being shared, always check if it leads to a legitimate website, or attempts to masquerade as a real website, by substituting characters in the link.

This Telegram phishing attack, for example, uses a link to telegram.0rg.ee. The real Telegram domain name is telegram.org. This is called domain spoofing.

If you see an attempt to impersonate a legitimate website by using a similar-looking domain name, do NOT click on it.

Never Login Via A Link

It is common for people to share links on Telegram, and in Telegram groups. Heck, we share links to our article in the Tech ARP Telegram group!

Clicking on links in Telegram, WhatsApp, emails, etc. is not dangerous, because most lead to legitimate websites that do NOT require you to log in.

What is dangerous is logging into any website through a link. I cannot hammer this enough – NEVER LOG INTO ANY WEBSITE through a link!

Phishing attacks work by tricking you into going into a fake website that looks like the real website. But you still have to log into the fake website to give the scammers your login details.

If you click on a link, and you are asked to login – this is likely a phishing attack. But don’t worry – as long as you refuse to log into any website after clicking on a link, the phishing attack fails.

Turn On Two-Step Verification

All banking platforms, and many mobile apps now offer two-step verification to prevent scammers from taking over user accounts. However, this is often an optional feature that you must manually enable.

Telegram has a two-step verification feature, which prevents scammers and hackers from hijacking your account by requiring a secret password that only you will know.

Please follow our guide on how to turn on Two-Step Verification in Telegram.

Just make sure you do NOT give that password out to anyone, or key it into any website!

Read more : How To Turn On Two-Step Verification In Telegram!

Warn Your Family + Friends!

It is important to publicise phishing attacks, whenever they happen. If people are alerted, they are less likely to fall for such attacks.

However, scammers and hackers can quickly change the way their phishing attack works, so it is important that people understand how phishing attacks work in general.

You can help prevent phishing attacks by sharing this articles, and other cybersecurity warnings, with your family and friends.

Please help us FIGHT SCAMMERS by sharing this cybersecurity article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Tenaga Nasional 33rd Anniversary Scam Alert!

Please watch out for the Tenaga Nasional 33th Anniversary survey contest scam!

Find out why it is just a SCAM, and WARN your family and friends!

 

Tenaga Nasional 33th Anniversary Survey Scam Alert!

People are now sharing the Tenaga Nasional 33th Anniversary messages on WhatsApp :

Congratulations!

Tenaga Nasional 33rd Anniversary National Government Power Subsidy!

Through the questionnaire, you will have a chance to get 1000 Ringgit

🎉 Tenaga Nasional 33rd Anniversary National Government Power Subsidy 🎊

Electricity subsidy is being issued…

Recommended : Petronas 50th Anniversary Scam Alert!

 

Tenaga Nasional 33th Anniversary Survey : Why This Is A Scam!

Unfortunately, this is yet another survey scam, like the Petronas 50th Anniversary scam!

Tenaga Nasional confirmed that this survey is a scam in a scam alert on their website on 6 February 2023.

Win Cash Rewards from TNB – 6/2/2023

TNB customers are advised to ignore survey links that claim they can win cash rewards from TNB.

TNB does not organize any kind of cash prize giveaway on social media. Please be careful and avoid spreading this false information.

I know many of us are in dire straits during the COVID-19 pandemic, having lost jobs, income or even loved ones.

Unfortunately, scammers are counting on our desperation to prey on us, using the same survey scam they have been using for years :

Now, let me show you how to spot these scams next time!

If you spot any of these warning signs, DO NOT PROCEED and DO NOT SHARE!

Warning Sign #1 : Bad Grammar

Most of these scammers do not have a good command of the English language, so if you spot bad grammar, stay away.

Proper contests or events sponsored by major brands like Tenaga Nasional will have at least one PR or marketing person who will vet the text before allowing it to be posted.

Read more : Petronas 50th Anniversary Scam Alert!

Warning Sign #2 : Offering You Free Money Or Gifts

Please do NOT be naive. No one is going to give you money or free gifts just to participate in a survey!

Tenaga Nasional isn’t going to give you FREE money, just because it’s their anniversary.

They are a corporation whose business is to make money, not a charity to give you free money.

Warning Sign #3 : Not Using The Real Jaya Grocer Domain

A genuine Tenaga Nasional campaign would use their real domain – www.tnb.com.my.

Or they would run it off the official Tenaga Nasional page on Facebook – www.facebook.com/TNBCareline/.

If you see nonsensical domains like merefamily.top, 0yjjg61.cn, 1eaf1rnbeef.top, ldxqw.bar, etc. that’s a sign it’s a SCAM!

Warning Sign #4 : Asking You To Forward The Offer

No brand will insist that you must share the offer with 5 groups or 20 friends on WhatsApp or Facebook Messenger.

Do not click to forward their offer to your family and friends. They will not appreciate being scammed with your help!

Warning Sign #5 : Asking You To Download + Register An App

If you click through and joined the fake survey scam, you will eventually be asked to download and register for an app.

This is VERY DANGEROUS. Never agree to download and register for any unknown app from a website.

Always download your apps from an official App Store like Google Play Store (for Android smartphones) and Apple App Store (for iPhones).

Please help us fight scams like this and SHARE this article out!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > CybersecurityFact Check | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Is FIFA Giving Free 50GB Data For World Cup 2022?!

Is FIFA offering 50 GB of free mobile data to stream World Cup 2022 matches with no interruptions?!

Take a look at the viral offers, and find out why they are just scams!

Claim : FIFA Is Giving Free 50GB Data For World Cup 2022!

People are sharing viral offers for 50 GB of free mobile data to stream World Cup 2022 matches without interruption. Here are some examples :

* FIFA is giving people around the world 50GB of data for free to watch the 2022 Cartel [Qatar] World Cup.*
* I Have Received Mine.*
* OPEN THIS*

* FIFA memberi orang di seluruh dunia 50GB data secara percuma untuk menonton Piala Dunia Kartel [Qatar] 2022.*
* Saya Telah Menerima Milik Saya.*
* BUKA INI*

FREE 50GB DATA PLAN FOR ALL NETWORKS

PERCUMA PELAN DATA 50GB UNTUK SEMUA RANGKAIAN

 

Truth : FIFA Is Not Giving 50GB Free Data For World Cup 2022!

This is yet another SCAM circulating on WhatsApp and social media, and here are the reasons why you must avoid it!

Fact #1 : FIFA Is Not Offering Free Mobile Data

First, let me just say it out loud and clear – FIFA is not offering free mobile data anywhere in the world, just to watch World Cup 2022 matches.

FIFA makes its money through sale of television, marketing and licensing rights for World Cup 2022, so there is simply no reason for it to provide free mobile data to stream the matches.

Fact #2 : FIFA Would Never Give You Anything Free

Please do NOT be naive. No one is going to give you free data just to participate in a survey!

FIFA is a corporation whose business is to make money, not a charity to give you free data.

Fact #3 : They Do Not Use Official FIFA Domains

Genuine FIFA promotions would be announced on the official website at www.fifa.com, or their official social media accounts:

  • Facebook : https://www.facebook.com/fifaworldcup/
  • Twitter : https://twitter.com/fifacom
  • Instagram : https://www.instagram.com/fifaworldcup/

They would never run contests or promotions via dodgy domains like “subsidy.buzz”, “50g.kxoe1.xyz”, “50gb450.xyz”, or “zlqxt.top”.

Once you see those random domains, click delete. Or just ignore. DO NOT CLICK.

Fact #4 : They Are Advertisement Scams

After you click on the link, you will be redirected through a series of hidden advertisements before you arrive at the “offer page”.

The offer page will ask you a series of simple questions. Regardless of your answers, you will be congratulated and told you won the 50 GB free data plan for three months.

You will be asked to key in your mobile number to receive the free mobile data, but you will never receive anything. In one variant, you are even redirected to more advertisements, including a video advertisement.

Fact #5 : Brands Won’t Ask You To Forward The Contest

To get that free 50 GB data for three months, you are asked to share the “contest” with 12 friends or groups on WhatsApp.

That’s a clear sign of a scam. No brand will insist that you must share their contest or free offer with WhatsApp friends of groups.

Please do not click to forward their offer to your family and friends. They will not appreciate being scammed with your help!

Fact #6 : They Can Potentially Be Dangerous

Similar scams in the past have more dangerous variants, where you are asked to :
a) install an app, which is really a malware to keep sending you advertisements
b) enter your banking or credit card details, ostensibly to prove your identity or some other excuse

Needless to say – proceeding with this step will open you up to great risk of monetary loss. DO NOT PROCEED!

If you install their malware, you will start receiving promotions, some of which will ask you to send an SMS to receive expensive free gifts like laptops and smartphones.

If you proceed to send the confirmation SMS messages, you will be subscribed and billed for international premium SMS services.

This is VERY DANGEROUS. Never agree to download and register for any unknown app from a website.

Always download your apps from an official App Store like Google Play Store (for Android smartphones) and Apple App Store (for iPhones).

Fact #7 : They Are Just Another Example Of Online Scams

These are just more examples of online scams offering freebies.

Now that you know the facts, please WARN your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | Mobile | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!