Maybank Indonesia urges customers to watch out for digital fraud ahead of Eid al-Fitr

Maybank Indonesia urges the public to heighten vigilance against increasingly sophisticated digital fraud as online transactions rise during the mudik period and Lebaran holidays.

Maybank Indonesia’s Compliance Director Yessika Effendi warns that perpetrators now frequently employ social engineering and phishing to obtain personal data and access victims’ devices.

‘Digital fraud techniques continue to evolve and rely on psychological manipulation, with criminals exploiting victims’ panic to consciously disclose sensitive information such as OTPs, PINs, and passwords. The Lebaran period is often exploited because people tend to be more relaxed amid various activities,’ Yessika said in a statement in Jakarta on Thursday.

In practice, perpetrators typically contact victims, claiming to be bank staff, tax officers, civil registry officials, or law enforcement officers.

The victims are then told there is a suspicious transaction and are asked to click a fake link that mimics the official site to cancel the transaction.

Moreover, perpetrators often request victims to download an APK file containing malware, perform screen sharing via WhatsApp, grant access to the device, or transfer funds under the pretext of stamp duty or administrative fees.

If victims follow these instructions, criminals can take control of the phone and access mobile banking without permission, read OTPs and important notifications, change the password of mobile banking or the M2U ID App (Maybank Indonesia’s mobile banking), as well as access email and e-wallet accounts, and even send fake messages to the victim’s contacts.

‘It should be understood that the criminals do not break into the bank’s system. They trick the victims into surrendering their own access. Therefore, customer vigilance is the main bulwark in protecting their funds,’ emphasised Yessika.

As a precautionary measure, Maybank Indonesia urges customers not to click on suspicious links or download suspicious files.

For banking transactions, customers are advised to use only official channels such as M2U ID Web and M2U ID App, available in the App Store and Play Store under the search term ‘Maybank2u ID’.

Customers are also reminded never to share secret data such as OTP, PIN, TAC, Secure2u passcode, and CVV/CVC codes. Maybank Indonesia, Yessika stressed, never requests this information by telephone or via links.

If customers receive information about a suspicious transaction, they are advised to stay calm, terminate communication, and immediately contact customer service, such as Maybank Customer Care 24/7 at 1500611 or +6278869811 (from abroad) or via customercare@maybank.co.id.

Customers are also encouraged to routinely check transaction notifications, monitor their balance, and periodically change their PIN and password.

‘Digital transaction security is a shared responsibility. With heightened vigilance, the public can enjoy Lebaran safely and comfortably without cybercrime disruptions,’ concluded Yessika.