Jump to content
BANGKOK
webfact

Mobile company employee stole 10 million baht from customers in credit card data fraud

Recommended Posts

4 minutes ago, bluesofa said:

The Bank Of Thailand has instructed all Thai banks the transition to chip & pin cards must be completed by the end of December this year. After that, all old Thai cards without a chip will be invalid. That includes credit cards, debit cards and ATM cards.

However, I saw a recent article saying the banks had requested a short extension, as there were still some customers not aware of the need to replace their cards. It seemed to be an extension of a few weeks, IIRC.

Yes, Thailand is 15-years behind Malaysia in migrating to chip-based cards. What about TACs though? Do online shopping sites in Thailand use them?

Share this post


Link to post
Share on other sites
2 minutes ago, Selatan said:

Yes, Thailand is 15-years behind Malaysia in migrating to chip-based cards. What about TACs though? Do online shopping sites in Thailand use them?

I can only confirm that SCB and Bangkok Bank do.

When you fill in the secure form with your details, you are asked to click a button to "request an OTP". For me, it arrives as an SMS on my mobile within five seconds, and has worked fine.

The bank also SMS a confirmation of the transaction, saying that if you didn't authorise it to contact them immediately.

 

It's good regarding the introduction of chip & pin cards here in Thailand - at last.

I've also read about the US being 'in the process' of introducing them. They have been in use in Europe for twenty years now.

Share this post


Link to post
Share on other sites

This guy was smart but not smart enough to not fall into the hubris and greedy trap on this sort of crime, which is pushing it too far as you become comfortable. Rather like gambling, you need to know when to quit after you have made enough. If he had stopped after making his first million and a half or so in say 16 months and disengaged to let all go cold plus quiet, then he could have let the trail cool off and just hung out for a year or so and then done it again from a fresh position. This would also give him time to refine his MO and become even harder to catch ... but no, he fell into the hubris trap that is that everything is fine and things will continue the same indefinitely. That is where he was a dimwit but the scam was good for out here to be fair.  

Edited by Brigand
  • Like 1

Share this post


Link to post
Share on other sites
3 hours ago, Selatan said:

It's a useless idea. You have already provided your CVC code to mobile phone operators and online shopping sites.

Does the article say he hacked into the IT system to steal the data?

Or is he just in the league of the pump station attendants taking picture/photocopy of the physical cards? (another reported fraud some months ago).

 

Edited by KhunBENQ

Share this post


Link to post
Share on other sites
3 hours ago, Selatan said:

What about TACs though? Do online shopping sites in Thailand use them?

When using my credit card the authorization is not dependent on the shop but on the credit card issuer. I always had to confirm via the Verified by VISA procedure even for the Kasikorn virtual credit card and small amounts less than 2000 Baht.

Recently bought a laptop at Lenovo Thailand online shop.

This went through to a Thai service provider and then I had to do the full two factor authorization for my German credit card/issuing bank.

With the EU PSD2 directive being mandatory from tommorow all such transactions have to follow a two factor authorization. Methods may vary.

Share this post


Link to post
Share on other sites
7 hours ago, gamesgplayemail said:

 

yes, too smart for you to understand I guess ❤️

 

 

There are some great members on TVF. And then there are axxholes like you.

Just because I call a thief a "scumbag" for stealing, then a "dumb scumbag" because sooner or later he should have known he would get found out, best you can do is insult me.

But ...... Your screen name alone pretty much says it all. I see you as just a lonely, bored "game player" who's got nothing better to do than troll a site.

Or perhaps you are akin to him and collect illicit funds in a similar manner. That said, you too qualify as a "dumb scumbag".

  • Haha 1

Share this post


Link to post
Share on other sites
18 hours ago, neeray said:

There are some great members on TVF. And then there are axxholes like you.

Just because I call a thief a "scumbag" for stealing, then a "dumb scumbag" because sooner or later he should have known he would get found out, best you can do is insult me.

But ...... Your screen name alone pretty much says it all. I see you as just a lonely, bored "game player" who's got nothing better to do than troll a site.

Or perhaps you are akin to him and collect illicit funds in a similar manner. That said, you too qualify as a "dumb scumbag".

 

I only said

yes, too smart for you to understand I guess ❤️

 

 

you said

axxholes like you.

 

 

the one who insults is you.

 

And yes, I have been scamming smart people like you in another life, and I will never regret ❤️

 

 

 

Share this post


Link to post
Share on other sites

Oh, I see really nice people here insulting each other.

Share this post


Link to post
Share on other sites
On 9/12/2019 at 8:42 PM, KhunBENQ said:

Does the article say he hacked into the IT system to steal the data?

Or is he just in the league of the pump station attendants taking picture/photocopy of the physical cards? (another reported fraud some months ago).

 

He probably doesn't need to hack into the IT system because he was working at the mobile phone company. He could have easily copied the database out. Mobile phone and online shopping companies may not be as stringent as banks when in comes to security. 

Malaysian data breach sees 46 million phone numbers leaked

Share this post


Link to post
Share on other sites
On 9/12/2019 at 8:48 PM, KhunBENQ said:

When using my credit card the authorization is not dependent on the shop but on the credit card issuer. I always had to confirm via the Verified by VISA procedure even for the Kasikorn virtual credit card and small amounts less than 2000 Baht.

Recently bought a laptop at Lenovo Thailand online shop.

This went through to a Thai service provider and then I had to do the full two factor authorization for my German credit card/issuing bank.

With the EU PSD2 directive being mandatory from tommorow all such transactions have to follow a two factor authorization. Methods may vary.

I think it does depend on the shop. For example, if I buy something on Amazon (US) or Aliexpress (China), I don't get the Verified by Visa procedure. But when buying from Shopee Malaysia, I do get the Verified by Visa procedure using the same card. Just like the article had said, the perpetrator had been buying from Amazon and eBay using the stolen card information. If a two-factor authorisation have been used by eBay and Amazon, then how did he managed to buy all those things? 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...