There seems to be a trend of online and phone scam going on, especially with the rise of adoption of digital wallets and wireless payment services.
I would like to point out a few recommendation and best practices, I will explain more on them later.
- Never use your real name, full name or otherwise as your PayNow identifier
- Do not do mobile apps banking on untrusted/unsecured devices
- Never link your main saving bank account to any e-wallet/debit card
Point 1, name as PayNow identifier.
You will be half a leg into a scam trap if you do so, PayNow allows any strangers to know your identifier by simply doing a lookup, if you have your full name registered, not only that stranger knows your number but also your name. By doing a call to you announcing your name as well as naming a trusted organization, they could further steal more information from you such as NRIC or addresses.
This could be stacked with other methods such as WhatsApp temp ban using phone recovery spamming technique, they could contact you masquerading as WhatsApp.
Point 2, untrusted devices.
Getting non IT savvy folks to stop installing junk APK is hard, getting them to vet the source, certs and app permission is even harder. iOS devices are more secure for simply for not even trusting their own users. Google Play Store does not inspect hosted application as closely as Apple App Store as well. We shit on Apple all the time for being a wall garden, but security works both way.
Point 3, Big Pot Of Gold
Please please please have at least 2 account, one for short term spending while the other for mid to long term storage(please look into investing methods, don’t store large sum of money in banks). Having an e-wallet or debit card linked to your main saving account open your entire saving to risk, having a secondary account that does not have any other ways for transaction help preventing any potential thief and scam(and even yourself from doing stupid things).