[FONT="Helvetica Neue Light", HelveticaNeue-Light, helvetica, arial, sans-serif]**updates at the end of the post** [/font]
[FONT="Helvetica Neue Light", HelveticaNeue-Light, helvetica, arial, sans-serif]reproduced from http://www.hellodbsandposb.blogspot.sg/[/font]
[FONT="Helvetica Neue Light", HelveticaNeue-Light, helvetica, arial, sans-serif]* DISCLAIMER*[/font]
- Whatever I say here is based on what I know, what I have read on DBS/POSB 'S facebook page and interaction with the DBS/POSB STAFF - My boyfriend put them on loudspeaker so I can witness-
I am helping my BF do this because he has no clue how to use a blog. He tried to contact DBS but this is what they "replied" him so I guess talking directly to them isn't effective enough.
*************
I will repeat the first part of the story first for those who dont know, and below you will see their "reply" to "my boyfriend"
26/02/2015 afternoon 12:20-12:30
My boyfriend received 18 OTP messages sent to his phone:
After realizing his debit card was in his wallet with him he was alarmed and called POSB immediately.
these are the transactions made:
26/2/15 12:23:27 – usd 7.99 – NETFLIX.COM
12:23 – usd12.00 – bpclassified
12:23 – usd 14.99 – steampowered.com
12:23 – usd29.95 – pixelfilm studios
12:22 – usd75.00 – mlg – major league
12.22 – usd5.00 – cableles
12.22 – aud 189.40 – online smoke
12.42 – usd 213.6 – target.com
12.22 – usd20.00 – teengate
12.22 – usd199.00 – red gate software ltd
12.22 – usd65. 00 – videocall pilot
12.22 – usd94.99 – vapor4life
12.22 – usd78.98 – yesasia yes style
12.22 – usd249.98 –eurosport
12.22 – usd4.99 – facebook virtual goods
12.22 – usd1.00 – facebook virtual goods
12.22 – idr752014.00 – facebook virtual goods
12.22 – idr1505462 – facebook virtual goods
12.22 – usd80.00 - facebook virtual goods
12.22 – usd 2.00 – facebook virtual goods
How on earth can a normal person go to so many different websites to purchase things in a minute? DUH IT IS NOT MY BF WHO DID THESE TRANSACTIONS?? Also must take 120 days to figure out? It took me 1 second to know this is a fraud.
***We are still trying to calculate the figures because about $2000+ was missing and because he cancelled the debit card so fast we are unable to see the statement online and can only wait till the customer service people get back to us. ***
The total amt here that was debited from my bf's account is $2019.99 - there may be more but we have to WAIT for the people to get back to us to confirm that.
Obviously he did
not make these transactions and thus he cancelled the debit card (THE NEW PASSION CARD HE WAS ASKED TO ACTIVATE)
why does your card have an expiry? why do you need to change to a new card?
SECURITY REASONS.
Oh man shut up. *flips hair*
~
When asked when he will get back his money, he was told that it would take up to
120 days to investigate and decide if the money should be returned to him.
I thought that UP TO 120 days would mean the latest 120days, but when I checked with a few friends who ever experienced fraud with POSB ( I shall not name unless needed ) ,
all of them told me it will take about 3-4 months before they get back to you. SOME
NEVER EVEN GOT BACK THEIR MONEY. Some until now are
still waiting for their money since last year,
What if one needed the money urgently to save a dying family member but due to the fraud, they could not get the money and the family member died? Who would be responsible?
The customer or the bank?
To the bank, a few thousand may not be alot, but it is still quite a substantial amount to normal Singaporeans.
TO THOSE WHO SAY: 'AIYA FEW THOUSAND ONLY MA'
SORRY LOR NOT EVERYBODY AS RICH AS U. SO MUCH MONEY GIVE ME LOR.
I understand fraud does happen and it is not possible to completely stop it but
WHAT THE HELL IS HE RECEIVE THE OTP AND HE NEVER USED THE OTP AND YET THE TRANSACTION CAN GO THROUGH?
This, is
no longer a "fraud always happen one la" thing.
IT IS THE FREAKING BANK SECURITY.
What is the OTP for then, if there was no need to use it anyway to authorize any transactions.
Anyone can happily just enter my card details and use my money away happily?
Do enlighten me if POSB/DBS OTP works differently from ALL the other banks?
The bank's duty of care is their consumers. What for we place money in a bank when it is less safe than a biscuit tin? No doubt we cannot blame the bank for the fraud but
THEY ARE RESPONSIBLE TO KEEP THEIR CUSTOMER'S ACCOUNTS SAFE AND THAT'S THE REASON FOR THE OTP.
Why are banks always emphasizing on security?
Because that is what they are known for. Because they want us to trust that they can handle our accounts safely. and also use the trust to lure deposits in so that they can roll our money. But we are fine with that as long as our money is safe with them and we get that teeny bit of interest. No complains what.
But now?
If the fraudster can retrieve the OTP without even needing to see the sms, that means they have probably already hacked through the bank security.
How else would they be able to obtain the OTP that was sent via sms that APPEARED on my bf's handphone screen if they are not with my bf?
PEOPLE PLEASE GO AND CHECK YOUR ACCOUNTS cause I dont think my boyfriend is the only one.
How can such a large bank allow this to happen?
So we made a complain on both their facebooks
All these are found on their fb page but I will still censor the names out.
Can go read the full details on their fb page.
OK ENOUGH OF THE FIRST PART.
Now we wait for
POSB'S RESPONSE. When my boyfriend posted a complain on to their wall, the admin called JOHN replied to his complain that
he has received an email from him and will get back to him.
I was confused so I asked my boyfriend if he did email them already and my boyfriend replied that he hasn't contacted them because he was so busy at work.
After a while he said
" Eh they email me already but I don't know what they saying"
When we met up I looked at the email.
AND GUESS WHAT.They forwarded the whole email chat with the other guy to my boyfriend assuming it is the same guy.
FYI the email contained personal information of the other guy so I will colour them out.
This is the whole email thread, I will begin from the bottom
This mail was sent by the Other benjamin - to posb AND IT WAS FORWARDED TO MY BF'S EMAIL. It was regarding a fraud as well as you can see:
Email address all give my bf already lor. So if he kena fraud again is whose fault? my bf first suspect ah? WAKE UP LA DBS. SLEEPING AND TYPING THE EMAIL IS IT. Where is your SOP to ensure you are talking to the right customer? I dont think it is right to email other people's email to anyone you like. I wonder who have you emailed my boyfriend's details to. ANOTHER BENJAMIN probably?
Contact number of the other guy also freely given to my bf:
(OK I arrow <<<< the person surname but the contact number is the part i coloured out below his name)
Guess what is most important when you do online transactions?
1) EMAIL
2)PHONE NUMBER.
Oh god we are gonna be the next suspects of this guy's next fraud. * rolls eyes*
HOW TO TRUST THIS BANK WHEN THEY ANYHOW SEND OUT UR DETAILS?
Thats not all. See the next screenshot.
THEY REPLIED THE OTHER GUY BACK AND ADDRESSED the other guy as Mr Lee - My boyfriend's surname. even when in the previous thread the guy did mention his surname
- VALIDATION CHECKS? I think NOPES.. DONT HAVE
-Customer service to always address your customer by their surname? I think they anyhow call their customers whatever surname they like. they dont care???
So next was the poor other guy's confused reply:
(do note that up to this point the email thread was only sent to the other guy's email ALONE)
He must be wondering when on earth he became Mr Lee.
next..............
AND TADAAAHHHH Can anyhow add people email inside one.
That's how we got the thread
And I have no idea what the customer service officer was trying to say. But he did address the other guy BACK to his real surname again.
So after seeing the mails, my bf replied to both posb and the innocent guy to inform him that his details were leaked. I don't see why POSB takes their jobs so lightly when they work in a bank. I know that confidentiality of a customer's details are very important.
I really wonder how POSB and DBS handles all their customer accounts.
Honestly I don't know what to say,
This post is just to tell everyone to be more vigilant about your accounts. Small deductions of $10/$20 may not be your expenditure but because its less significant you don't notice it.
SO MAFAN RIGHT Cannot trust the bank until must ownself do my accounts and statements to make sure everything is in order when this is the banks job.
How about the bank pay me service fee for doing self service on my accounts?
OH YA BTW.
GIVE MY BF HIS MONEY BACK.
So annoying you all. Tsk.
UPDATES****
DBS called up my boyfriend this afternoon and told him that they have indeed read all the posts that were shared on social media.I cannot thank all my friends enough for helping me share the post.
Also thank you to the other Benjamin! The evidence helped my BF a lot!
I decided to write this because we did not receive aid when we contacted them directly. Every option was 120 days 120 days 120 days...
[FONT="Helvetica Neue Light", HelveticaNeue-Light, helvetica, arial, sans-serif]And my boyfriend is the WONT PANIC UNTIL HE READ LIKE OH got so many people also kena THAT kind, and so I didn't want to wait for 120days to find out the money is still on hold due to a security fault by DBS.[/font]
So I AM REALLY THANKFUL TO ALL MY FRIENDS N PPL WHO HELPED ME SHARE ON FB!![FONT="Helvetica Neue Light", HelveticaNeue-Light, helvetica, arial, sans-serif] It seriously expedited the process!!! [/font]
[FONT="Helvetica Neue Light", HelveticaNeue-Light, helvetica, arial, sans-serif]Just a note to DBS: If you give customer's a waiting period of one week compared to 120days I think lesser people will be so angry..... [/font]
Anyway, DBS/POSB have apologized immensely for the mistakes made and have credited the money back into my bf's account this afternoon after they read the fb posts!!!
Only manage to update this now because I was @ work.
Now that I know my bf got back his money I am not angry anymore haha. According to my bf one of the staff contacted him and was really nice to him, and the sent many emails to him to "keep him in the loop" so that he was aware of the situation and they wanted to compensate him as well.
I am happy that DBS/POSB bothered to take responsibility of the situation today instead of ignore the repeated pleas like before this whole thing blew up. Thank you for settling this thing with my boyfriend today.
[FONT="Helvetica Neue Light", HelveticaNeue-Light, helvetica, arial, sans-serif]I still dont think that there should be a second time where the wrong personal information is sent out to others. That is really careless. Hopefully the OTP problem settles soon too for other people... DBS plz secure[/font][FONT="Helvetica Neue Light", HelveticaNeue-Light, helvetica, arial, sans-serif]ur[/font][FONT="Helvetica Neue Light", HelveticaNeue-Light, helvetica, arial, sans-serif]networks to protect your customers.... [/font]
CHECK UR STATEMENT PEOPLE! Cuz small amounts can also be deducted slowly and you wont even know it's a fradulent transaction.
Beware of DBS POSB debit card fraud, seems that OTP is useless
