KUALA LUMPUR, Aug 2 — Following the major blackout in Peninsular Malaysia on July 27, the Minister of Energy and Natural Resources Datuk Seri Takiyuddin Hassan said affected users will be given a reimbursement from Tenaga Nasional Berhad (TNB).

The detailed information is expected to be tabled in Parliament this coming Thursday (August 4).

Ahead of the announcement, TNB has warned about a new scam which claims to offer compensation to affected blackout users via Touch ‘n Go eWallet. The power utility company warned that the SMS which uses the shortcode (15454) is fake and urged users not to click the link in the SMS.

According to the shared screenshot, the message claims that Malaysians affected by the electricity supply interruption will receive RM100 in compensation through the Touch ‘n Go eWallet. To ‘claim’ the money, users will have to click on a link which goes to a fake website. — SoyaCincau pic
According to the shared screenshot, the message claims that Malaysians affected by the electricity supply interruption will receive RM100 in compensation through the Touch ‘n Go eWallet. To ‘claim’ the money, users will have to click on a link which goes to a fake website. — SoyaCincau pic

Advertisement

According to the shared screenshot, the message claims that Malaysians affected by the electricity supply interruption will receive RM100 in compensation through the Touch ‘n Go eWallet. To “claim” the money, users will have to click on a link which goes to a fake website.

This appears to be the same phishing tactic used for the RM800 Covid-19 financial aid scam which we reported a few days ago. The provided link goes to a website which is designed to trick users into submitting their registered mobile number, 6-digit pin and OTP for TNG eWallet. If a victim provides all three information, the scammers can gain access to the eWallet and possibly transfer all remaining balance or purchase items for sale.

Although the 15454 number looks legit, it is worth highlighting that cybercriminals can easily spoof the sender ID for SMS. This is the same situation as the MySejahtera RM800 scam as the SMS uses “GOV” as the sender name.

Advertisement

Scammers are always exploring new ways to fool its victims in handling over their eWallet or online banking credentials. Besides not clicking on suspicious links, users are also advised against installing apps outside of the official app stores. Maybank had issued a PSA warning against downloading dodgy APK files which are actually malware. Once installed, these malware-infested apps can potentially capture your login and password details and OTP in the background. — SoyaCincau