news

Malaysian Almost Gets Scammed RM9,680 After Clicking A Link Allegedly Sent By Maxis

Maxis appears to be aware of the modus operandi and has issued a scam alert to all of its users.

Cover image via @shahirahshahs (Instagram)

Follow us on Instagram, TikTok, and WhatsApp for the latest stories and breaking news.

A Malaysian was nearly scammed out of SGD2,750 (RM9,680) after clicking on a link purportedly sent by a Maxis short code

Former lawyer turned now full-time content creator Shahirah Shah took to Instagram last Tuesday, 27 February, claiming she received a dubious SMS on 25 February.

The message read, "Dear customer, act now! Your 3022 points are expiring soon. Redeem for awesome rewards at our Rewards Center: [Link]. Don't miss out - click now and enjoy the perks!"

Shahirah claimed the short code that sent the message is the usual number that Maxis uses to notify her about her bills.

According to the Malaysian Communications & Multimedia Commission, short codes are five-digit numbers used by service providers to communicate with their customers

Service providers can also offer their short code services to other businesses to connect with their customers. Below are the short codes provided by different service providers:
– Maxis: 32000 to 32999 and 37000 to 37999
– Celcom: 39000 to 39999 and 33000 to 33999
– DiGi: 36000 to 36999

Image via MCMC

After reading the SMS, Shahirah clicked the link in the message without much thought and was directed to a phishing site that resembled Maxis' official website

While browsing the website, she learned that she could redeem an air fryer for just RM1.37.

"I thought to myself that it's a good deal. I proceeded to type in my credit card details and it requested me to type in the one-time password (OTP) I received [from my bank].

"Normally, the OTP messages pop out from the notification bar above our phone screen and we don't click into them [to read the full message], right?

"We just look at the OTP and type it into the website. So, I did just that. I typed in the OTP and received an error message [from the phishing site].

"So I requested a new OTP and typed it in again. I repeated the process a few times before I started to grow suspicious.

"When I went to my messaging app to read the full OTP messages, I realized that SGD2,000 (RM7,038) had been deducted from my account.

"[Other OTP messages] also stated that SGD200 and SGD400 were deducted from my account.

"It dawned on me then that I had been scammed!

"I called the bank immediately to freeze my account.

"During that time, I realised that the scammers failed to get any money from me because [I have reached my credit limit]," Shahirah recounted her experience.

Watch her video that has received over 2.9 million views below:

In a recent video update on Friday, 29 February, Shahirah admitted that despite finding the phishing site suspicious, she threw caution to the wind once she saw the air fryer

Despite receiving a lot of negative comments in her first video, Shahirah said her intention was to spread awareness about the scam.

Watch her video update below:

Speaking to SAYS, she highlighted the irony of receiving a scam alert message from Maxis just a few days after nearly falling victim to an identical scam.

"They always send so many links, I thought [the phishing site link was a legitimate Maxis website]," she said.

At the time of writing, it appears that Maxis is aware of the modus operandi employed by the scammers and has issued alerts about the fraudulent scam to all its users

SAYS has interviewed two other Maxis users who reported receiving similar fraudulent messages purportedly originating from a Maxis short code.

They shared that the contact that stylised as 'MAXIS' in full caps is a fraudulent short code, whereas 'Maxis' written in sentence case appears to be the legitimate number of the service provider.

SAYS has reached out to Maxis for a comment but did not immediately receive a response.

Image via SAYS
Image via Maxis

Meanwhile, beware of these scams:

You may be interested in: