Scammed? Call the National Scam Response Centre now: 997 (NSRC) · Semak Mule (PDRM)
ScamAlert MalaysiaMalaysia Anti-Scam Awareness Portal
EN BM 中文
HomeScam News › BNM Alert: Most Online Fraud Losses Tied to Victim
Fraud Alert

BNM Alert: Most Online Fraud Losses Tied to Victims' Own Actions

By ScamAlert Editorial Team · Published 13 Jun 2026 · Updated 13 Jun 2026

Bank Negara Malaysia (BNM) has highlighted a concerning trend in online fraud cases: the majority of financial losses stem from victims themselves authorising transactions, often unknowingly or under false pretences.

This finding underscores a critical shift in how scammers operate. Rather than relying solely on hacking or system breaches, fraudsters increasingly manipulate victims into willingly transferring their own money through social engineering, impersonation, and deception tactics.

Understanding the Risk

When victims authorise their own transactions—whether through mobile banking, online transfers, or payment platforms—the money moves directly from their accounts. This makes recovery significantly more difficult compared to unauthorised transactions, where banks may have clearer grounds for reversal.

Common scenarios include:

  • Victims tricked into believing they are transferring money to legitimate businesses or government agencies
  • Romance scams where victims send money to fraudulent romantic interests
  • Investment scams promising unrealistic returns
  • Impersonation of authority figures demanding urgent payments
  • Fake customer service representatives requesting account verification or "security updates"

The fact that victims authorise these transactions themselves means they bear responsibility in the eyes of banking systems, making it harder to claim fraud and recover funds.

Why This Matters

Understanding this pattern is crucial for your protection. It means that no matter how secure your bank's systems are, your own vigilance remains the strongest defence. Scammers succeed not by breaking into systems, but by breaking through human trust.

This is why BNM's alert serves as a reminder: the responsibility for protecting your money ultimately rests with you. Banks can secure their platforms, but they cannot prevent you from voluntarily sending money to fraudsters.

What to Do

Protect yourself by following these essential steps:

  • Never transfer money based on unsolicited requests, even if they appear to come from trusted sources
  • Verify requests independently by contacting the organisation directly using official contact details
  • Be suspicious of urgent demands, threats, or pressure to act quickly
  • Never share your banking credentials, PINs, or one-time passwords (OTPs) with anyone
  • Check recipient details carefully before confirming any transfer
  • Use strong, unique passwords for your online banking accounts
  • Enable two-factor authentication where available
  • Report suspicious activity immediately to your bank

If you suspect you have been scammed or have lost money to fraud:

  • Contact the National Scam Response Centre (NSRC) hotline at 997 for immediate assistance
  • File a report with the Royal Malaysia Police (PDRM) using Semak Mule at semakmule.rmp.gov.my
  • Notify your bank immediately to freeze your account and prevent further unauthorised access
  • Keep detailed records of all communications and transactions related to the scam

BNM's alert serves as a timely reminder that staying informed and cautious is your best defence against online fraud. When in doubt, always verify through official channels before parting with your money.

Sources & references

  • Most online fraud losses in Malaysia driven by victims’ own transactions - BNM  The Vibes
  • news.google.com
This article is published for public awareness and education. Figures are taken from official statements and reputable news reports at the time of writing. If you spot an error, tell our editors.