News Forum - Thai woman ‘clicks one link’ and loses 40 years of savings in terrifying tax scam

[Thaiger]

A 63 year old woman from Trang province in southern Thailand says she “clicked one link” on Tuesday morning and lost her life savings of 1.5 million baht in the blink of an eye. Nis went from having millions in her bank account – which she saved up by selling pork at a market for 40 years – to just 1661 baht in the bank. Nis says she received a call from a scammer claiming to be someone from Thailand’s Revenue Department. The scammer told her she had outstanding tax to pay and sent her a link via Line. The […]

The story Thai woman ‘clicks one link’ and loses 40 years of savings in terrifying tax scam as seen on Thaiger News.

Read the full story

[TheDirtyDurian]

Wonder if there's an element of inside job to this through someone in the revenue department. It would certainly make for more targeted victims, because they were already having dealings with the revenue department at the time. 

Or maybe that was just a coincidence in this case. 

Even so, quite scary if it happened as stated because like she said, anytime transfers take place the customer will be sent an OTP to verify the transaction. 

 

[DoUKnowWhoIAm]

Can't be too careful these days. Keep your money in atleast 3 different banks.

[Guest1]

22 minutes ago, TheDirtyDurian said:

Wonder if there's an element of inside job to this through someone in the revenue department. It would certainly make for more targeted victims, because they were already having dealings with the revenue department at the time. 

Or maybe that was just a coincidence in this case. 

Even so, quite scary if it happened as stated because like she said, anytime transfers take place the customer will be sent an OTP to verify the transaction. 

On top, who is having, regulary, this daily transferlimit that hight, for over 1 Million baht?

So it must be someone who even has the id card details, to rise the transfer limit. 

[cowslip]

From bitter experience I know that even those who think they would recognise a scam and wouldn't fall for it are just kidding themselves - there's a scam for ever type of person. My bank refunded the money I'd lost within a month - this was in the UK.

[Ramanathan.P]

This is a common type of scam in this region. 

[Chatogaster]

 

Assuming the facts are complete (but knowing that they're not), the only way this makes sense if both SCB as well as KrungThai allow payments via URI's and skip authorization if the person is already authenticated (i.e., if the user already logged into both bank apps). Another factor worth consideration is the daily transfer limit: it's less than 1,458,000 baht by default (and it takes some hours before an increase of that limit is effected).

I can imagine a security bug in SCB software on the app-side (albeit barely because of the obvious stupidity of it), same for KrungThai software, and I can imagine that a strange transfer limit was set. However, there's no way I can't imagine them all at the same time and I expect there to be some crucial facts left unmentioned.

The fact that the message "668325, […]" was recalled actually makes me suspicious. Not many people have an eidetic memory but that's what would be needed to recall that message that after a stressful event, unless it's not an arbitrary code. It's not a date or an account number, but it could be a password.

I now wonder if the victim (<-- still assuming that) entered her password after clicking on the link. If that's what happened: why would anyone do that?!

Right now I only see 2 options: either the victim is the scammer, or some crucial facts were left out of the equation.
 

 

[Marc26]

8 hours ago, DoUKnowWhoIAm said:

Can't be too careful these days. Keep your money in atleast 3 different banks.

Thai banks are notorious for insider jobs

 

And being less than helpful, almost antoginitstic, towards their customers who have got scammed

 

 

[FarangandEarnest]

16 hours ago, Chatogaster said:

Assuming the facts are complete (but knowing that they're not), the only way this makes sense if both SCB as well as KrungThai allow payments via URI's and skip authorization if the person is already authenticated (i.e., if the user already logged into both bank apps). Another factor worth consideration is the daily transfer limit: it's less than 1,458,000 baht by default (and it takes some hours before an increase of that limit is effected).

I can imagine a security bug in SCB software on the app-side (albeit barely because of the obvious stupidity of it), same for KrungThai software, and I can imagine that a strange transfer limit was set. However, there's no way I can't imagine them all at the same time and I expect there to be some crucial facts left unmentioned.

The fact that the message "668325, […]" was recalled actually makes me suspicious. Not many people have an eidetic memory but that's what would be needed to recall that message that after a stressful event, unless it's not an arbitrary code. It's not a date or an account number, but it could be a password.

I now wonder if the victim (<-- still assuming that) entered her password after clicking on the link. If that's what happened: why would anyone do that?!

Right now I only see 2 options: either the victim is the scammer, or some crucial facts were left out of the equation.
 

As a software dev I have to agree. For it to happen the way its described there would have to be the same fundamental flaws in 2 separate banking apps. There is definitely something missing from the story or something they haven't considered is connected. Maybe the scammer has had a previous interaction to learn her password. Good chance the same one is used for everything and most likely breaks some of the golden rules for choosing a password. They can easily intercept the OTP text messages if they have fully taken control of the phone.

[Wackamole]

fair chance the story is bs and she transferred the money herself

[JamesR]

On 9/16/2022 at 12:19 PM, Chatogaster said:

Assuming the facts are complete (but knowing that they're not), the only way this makes sense if both SCB as well as KrungThai allow payments via URI's and skip authorization if the person is already authenticated (i.e., if the user already logged into both bank apps). Another factor worth consideration is the daily transfer limit: it's less than 1,458,000 baht by default (and it takes some hours before an increase of that limit is effected).

I can imagine a security bug in SCB software on the app-side (albeit barely because of the obvious stupidity of it), same for KrungThai software, and I can imagine that a strange transfer limit was set. However, there's no way I can't imagine them all at the same time and I expect there to be some crucial facts left unmentioned.

The fact that the message "668325, […]" was recalled actually makes me suspicious. Not many people have an eidetic memory but that's what would be needed to recall that message that after a stressful event, unless it's not an arbitrary code. It's not a date or an account number, but it could be a password.

I now wonder if the victim (<-- still assuming that) entered her password after clicking on the link. If that's what happened: why would anyone do that?!

Right now I only see 2 options: either the victim is the scammer, or some crucial facts were left out of the equation.
 

I agree, I have been a software engineer of 35 years and over the last few years I have written iPhone apps, there is no way just by clicking a button your banking app could be broken into remotely by another app.

A lot of the stages she was told to go thought have not been mentioned, including authorising the transfer.