MA-1068.052024: MyCERT Alert – Scam Call Impersonation

1.0 Introduction
Lately, the Cyber999 Incident Response Centre of CyberSecurity Malaysia has been observing rising of several calls to users’ mobile numbers, purportedly from CyberSecurity Malaysia or Cyber999 and from other agencies, such as Kementerian Komunikasi, Malaysian Communications and Multimedia Commissions (MCMC), National Scam Response Center (NSRC), Ibu Pejabat Polis Daerah (IPD) Penang or Perlis and Kementerian Komunikasi (KKD) saying that they are going to terminate users’ phone number due to receive several cases from different state that involving illegal activities.

2.0 Impact
Personal information obtained from individuals could be misused by perpetrators for various malicious activities, for instance, impersonation via telephone calls, purportedly from government officials or the Law Enforcement Agency (LEA). The modus operandi is to create panic among potential victims and force victims to follow the order of the scammer to obtain/harvest personal details.

3.0 Modus Operandi
The calls were received from personal mobile numbers, not toll-free numbers or from businesses/organisations. The caller claimed to be from a Law Enforcement Officer (LEO) and accused the user’s mobile number of engaging in illegal activities, such as promoting online gambling, participating in illegal investments, or being involved in scams.

Users are pressured to lodge a police report within an unreasonably short time frame, often as little as two hours, and are directed to a distance police station, making it practically impossible for the victim to comply. Users may be offered assistance or encouraged to use the scammer’s system to facilitate the reporting process, adding an additional layer of deceit. We assume that the system or link or application from the scammer could be malicious and harmful to users if they click on it. Users are being threatened with legal consequences, such as being arrested or having their phone number blocked, to scare them into doing what they are being told to do.

The true intention behind these calls remains uncertain at present. However, there is a risk of irresponsible individuals exploiting user’s personal information for misuse purposes. This may involve seeking out sensitive details like Identification Card (NRIC) numbers or other personal details, with the potential for malicious intent. Based on our observation, this scam is most likely operated by a group of people with various mobile numbers.

4.0 Recommendations
Protection of sensitive data is required not only for legal or ethical reasons but for issues related to personal privacy. Hence it is important for individuals to be alert and vigilant when facing such threats as mentioned above.

We suggest the below best practices as preventive measures:

  1. Do not click on any links, applications or attachments sent over social media, email, SMS, Whatsapp or any online messengers, before verifying they are safe and not malicious.
  2. Do not disclose any personal information including NRIC numbers, telephone numbers, bank account numbers, ATM cards, or credit card numbers to an unidentified individual.
  3. Always check with the organisation implicated by using their official telephone numbers and do not call back any number that was given by the perpetrators during the call.
  4. Do not panic or simply follow the instructions given by the perpetrators. Users are advised to remain calm and disconnect such calls immediately.
  5. Lodge a report to the Royal Malaysia Police (PDRM) at a nearby police station.
  6. The public can also contact the PDRM via the CCID Infoline at 013-211 1222 or the CCID Scam Response Centre at 03-2610 1559 or 03-2610 1599.