M'sians Are Reportedly Losing Thousands Of Ringgit In Their Bank Accounts To "FB Ads"

The issue has made Malaysians question the standard of cybersecurity in the country.

Cover image via Your Money & @ruffleseed (Twitter)

Follow us on Instagram, TikTok, and Telegram for the latest stories and breaking news.

A handful of Malaysians have collectively lost RM24,889.28 in their bank accounts within the past few weeks and it is making them rethink the security of their savings and banking details

Most of the victims were charged between RM10 and RM50 over multiple transactions, typically within a few days, by "Facebook ads", as stated in the details of the transfers.

One victim even lost RM1,299 in a single transaction, with several more reporting to have seen their savings reduced by four digits.

The issue was raised by many bank account holders in their respective social media posts in March, but Parti Aspirasi Sains Malaysia (SAINS) co-founder Ken Ruffleseed consolidated those complaints into one tweet, raising awareness about the apparent rampant bank cybersecurity issue in Malaysia.

"I heard tens of millions of ringgit were reported misappropriated through Facebook [via] multiple banks over the past few weeks," said Ken on Monday, 28 March.

"Delete your phone number from Facebook now and do not let Messenger (one of Meta's messaging apps) handle your SMSes.

"Maybank Malaysia has yet to answer us regarding this intrusion."

Since the tweet, many Malaysians have come forward to say that they are also victims of the cybersecurity breach

Many victims noted in their complaints that they do not have their bank details bound to their Facebook accounts, with some even saying that not even their phone numbers are bound to the social media platform.

"Yeap. Happened to me today (30 March). (The transactions were recorded) at 3am. They attempted on 29 March, but they failed. They tried this morning and two transactions managed to get past," read a complaint that quote tweeted Ken's post.

"I have never added my phone number or card number on FB but I still kena (fell victim to it)."

Image via Twitter

Meanwhile, a separate victim shared their plight on Facebook, saying she has always been cautious when dealing with her bank cards by not linking them to any online services.

"But it still [happened] to me," she lamented, adding, "I found out the money deducted from my bank account through multiple continuous transactions yesterday (28 March). Then, I called Maybank customer service immediately."

"They helped me to cancel the card, but the thing happened again this morning (29 March). The staff [couldn't] give me a reason, so I decided to close the account."

Her post went viral with over 7,200 shares, with some netizens saying that they also faced the same issue.

She was told that the investigation would take 45 to 60 days to complete and there is no guarantee that she would get her money back.

"If banks are not responsible for their cybersecurity issues [and] cannot guarantee the safety of customer funds, then why do we need you? I could just get a MILO tin," she added.

Image via Facebook

There are many more such cases, with Malaysians taking to social media to reprimand the banks for their alleged failure in protecting their customers' savings.

One user reportedly lost a whopping RM4,395.65 between January and March, stating that although he has a credit card bound to his business Facebook ad account, his personal Facebook account never had such an arrangement.

Image via Twitter

After realising that so many people have faced the same issue, Ken started a Google Form for victims to fill up so that he could present it to Bandar Kuching lawmaker Kelvin Yii Lee Wuen

In an update yesterday, 30 March, he said 88 respondents have collectively lost RM24,889.28. 89% of them are Maybank account holders.

Of those respondents, 98% involve "Facebook ads" and 91% did not receive a notification, be it an SMS, call, one-time password (OTP), or app alert, regarding the transactions.

The majority of them have contacted the bank and have yet to receive refunds.

It is also understood from Ken's tweets that Maybank allegedly tried to downplay the issue by not releasing a statement, pushing the responsibility to Meta.

He said the Bandar Kuching member of parliament (MP), who is also the chairperson of the parliamentary select committee (PSC) on health, science, and innovation, will bring the issue up with Prime Minister Datuk Seri Anwar Ibrahim.

He also demanded that Bank Negara Malaysia, major banks, and relevant authorities explain the situation to the public, stressing that the issue is of great importance as it concerns "people's hard-earned money in these trying times".

SAYS has reached out to Maybank and is waiting for a comment.

Over the past few years, Malaysia has seen several cases of data breaching on a grand scale:

You may be interested in: