PETALING JAYA: A cybersecurity expert has urged banks to do away with telemarketing and email marketing entirely to protect customers from online scams, which have been on the rise in the last couple of years.
Vicks Kanagasingam, CEO of Censof Digital, lauded Bank Negara Malaysia for announcing several measures to curb online scams but called on banks, telecommunications companies and Putrajaya to take stricter action to stop scammers from duping Malaysians.
He said scammers often used phone calls and emails to snare victims, and an immediate ban was needed on telemarketing and email marketing by financial institutions and telecommunications companies.
Banks and financial houses could use social media, TV, radio or out-of-home media instead, he told FMT. “Leave it to consumers to contact them for their services or offers.”
Another cybersecurity expert, Murugason Thangaratnam, said a law on cybersecurity should be drawn up, and amendments made to the Personal Data Protection Act.
Murugason said heavier punishment should be meted out to scammers and fraudsters. “Existing laws related to cybercrimes are in dire need of updates,” he said.
A total of 12,092 online fraud cases were reported from January to July with losses amounting to RM414.8 million, according to the police.
On Sept 26, BNM told banks to move from the one-time password system to more secure forms of authentication for online transactions as part of efforts to curb online scams.
However, Vicks said these measures would still fail to mitigate Macau and SMS scams.
He said a cybersecurity command centre should be created so people can seek immediate help when caught in a scam.
This centre should comprise agencies like BNM, the finance as well as science, technology and innovation ministries, Malaysian Communications and Multimedia Commission, Cybersecurity Malaysia and the National Cyber Security Agency.
“It should be seen as the ‘999’ for cybersecurity and financial fraud activities. The public should know just one number to call for help or to report fraudulent activities or cyber crime,” he said, adding that banks, insurance firms and telcos should fund the command centre.
However, Murugason maintained there was no silver bullet, saying users still needed to be vigilant against scammers on the prowl.
A proper cybersecurity and data protection ecosystem would only be functional and secure if there were “responsible and cautious data givers and accountable data takers,” he said.