Lebaran Nears: Beware of New Modus Operandi Used by Thieves to Break into M-Banking
Jakarta, CNBC Indonesia — As Lebaran holidays approach, the public are urged to heighten vigilance. The holiday period is often exploited by criminals to carry out various fraud schemes.
National Technology Officer Microsoft Indonesia, Panji Wasmana, reminded that the surge in digital transactions during holiday seasons is often followed by a drop in user vigilance. This condition is frequently exploited by cybercriminals who impersonate a widely known travel service in order to obtain personal data.
‘During holiday periods when digital transactions rise and digital vigilance tends to decrease, cybercriminals often exploit the trust that individuals and organisations place in popular travel agencies to steal data,’ Panji said in a statement some time ago, as quoted on Sunday, 8 March 2026.
One modus operandi to watch out for is phishing. Based on Microsoft Threat Intelligence’s notes, the attack has increasingly used a technique known as Clickfix.
That method allows the victim’s credentials to be stolen by creating a fake login page and a fake captcha. Clickfix will prompt the victim to do something on their device, not realising that they have downloaded data-stealing malware and opened access to the perpetrator’s mobile.
Clickfix was discovered around February 2025 and targeted various regions including Southeast Asia.
According to Panji, what needs to be done is to recognise the attack patterns and implement protection. It is hoped that in this way data can be protected from criminals.
Here are some security steps that can be implemented to avoid becoming a phishing victim during the Lebaran holidays:
Ensure you communicate only with official hotels or travel agents. Don’t forget to always check contacts in line with the provider’s service.
Only use secure networks and avoid using public Wi-Fi when logging into accounts.
Always check the email address received. Be wary of phishing emails if they urge you to act.
If you receive a suspicious email, avoid clicking the links inside it. Check via the official site.