08 January 2024
An advertisement which appears on Facebook and Instagram is falsely representing a local bank while promoting a fake lucky draw with attractive prizes. In the ad, users are urged to join the lucky draw by clicking on a link which leads to a phishing website impersonating the bank. The URL is clearly from a neighbouring country and is not the bank’s official website. After submitting their full name and phone number on the phishing website, the user will then receive a 5-digit OTP via their Telegram app. The website will then ask for the OTP and Telegram password to be entered.
- Telegram account will be taken over by the scammer
- Identity theft
- Possible data loss and financial loss
- Do not click on links in unsolicited text messages or advertisements. Examine URLs carefully and compare them to the organization’s official website address.
- Before taking any action, ensure that the social media account, website, text message or caller genuinely represents the organization they claim to be. Contact the organization directly for verification and report suspicious activity.
- Any requests for your one-time password (OTP) or verification codes should be considered as suspicious.
- Fake accounts on social media should immediately be reported to the relevant social media platform (e.g. Facebook).
- Use anti-virus software and update it regularly.
- Apply appropriate patches and updates immediately.
- Back up your devices regularly in case they become compromised.