Jakarta, CNN Indonesia –
Experts are investigating the type of crime that is to blame for entering customers’ money in the bank Jenius BTPN up to hundreds of millions of people affected fishing (impersonation) fake place with method Social engineering.
CISReC security expert Pratama Persada said there is a possibility of phishing, one of which is to ask for someone’s personal data by sending a website URL similar to the original banking provider’s website. Although it was a fake place for fishing (fishing (impersonation)) users provide their personal data.
“The target is usually asked to send biodades and even username and password. From there, authors can go further and make transactions that seem legal and according to the system,” Pratama told CNNIndonesia.com, via text message, on Wednesday (28) / 7) night.
He said the data entered by users through the website is the data capital so that the actors can target certain goals that have more data and that social engineering can do easily.
Social engineering is a technique used to manipulate by psychologically deceiving the victim. This method is done so that the perpetrator can access or obtain information about credential data, such as the victim’s username and password.
A few days ago, a Jenius Bank BTPN customer, Riri, admitted that he had lost 110 million rupees. At first, he was called by a person who claimed to belong to the Jenius service of the BTPN bank. Then the caller asks you to fill out a certain link.
After filling in the link details, Riri became suspicious when he learned that Riri had another bank account. In addition, the person who called also asked Riri to mention another bank account, but she refused.
Riri went to the BTPN bank office the next day. At that time, he learned that only Rp1 was left in his Jenius account balance. The scammers also broke into all Riri depots, causing a total loss of 110 million rupees. Unfortunately, it did not receive a deposit disbursement notification from Jenius, i.e. the Jenius Maxius server.
Due to the alleged fishing practice, Pratama advises not to easily provide personal data, with registration requirements or the attraction of raffle prizes.
“Even if you have to provide data, make sure the company is not fake, has official permission. At least sensitive data doesn’t change hands easily, it doesn’t reveal personal data either,” he said.
Sale of personal data, economic sale on the Internet
READ THE NEXT PAGE