KUALA LUMPUR – A female operations manager with a Klang Valley-based information technology (IT) firm has been riddled with more than RM13,000 in debt for nearly a year, after an unknown party used her HSBC credit card to purchase cryptocurrencies.
Since December last year, Rachel (not her real name) has been going back and forth between banks, mediators, police, and a telecommunications company (telco) just so she can prove that she was not the person who made several transactions that led to her current predicament.
Speaking to The Vibes recently, the mother of two – who is in her 40s – said she has become increasingly frustrated over the lack of an amicable solution to her case, as she will likely have to pay back the sum owed to the bank even though she is an alleged victim of fraud.
According to a police report she filed at the Travers police station here on January 12, Rachel claimed a total of eight fraudulent transactions took place between December 13 and 16.
The first half of the transactions between December 13 and 14 were done in United States dollars, and amounted to the bulk of the debt at more than RM12,000, while the remaining were done in ringgit and amounted to several hundreds of ringgit each.
In total, she accrued RM13,074.32 in debt from her HSBC Mastercard. The bank, she said, could not reverse the transactions.
In the report, Rachel said she did not receive any one-time passwords (OTPs), nor any purchase confirmation messages that are usually sent to her mobile phone.
I only received a notification on December 21 on the high (credit card) balance via SMS, and was told by the bank to raise a dispute after I called its customer service.”
After exhausting all avenues, Rachel said she had reached out to The Vibes after reading an article about the lawyer who lost RM1 million in life savings stashed in another international bank recently.
Rachel said following her complaint, she was then made to contact Ombudsman for Financial Services (OFS) and was assigned a case manager.
Onus on victim
She said despite giving her full cooperation to the bank and OFS, the onus was placed on her to prove that she did not receive the OTPs.
She said she had gone to her telco provider some time in July, but the company only kept records of such messages within a period of two months and was unable to trace the OTP messages.
“The only resolution I am given by OFS is to pay back the amount in instalments with waived interest payments. This is ridiculous.
“I am also told that if I take the legal route, which will cost me a lot of money, whatever evidence I present won’t be accepted in court. I’m supposed to be fairly evaluated on all aspects.”
Rachel, who has been a HSBC customer since 2003, said the bank was initially reluctant to reveal the recipient of the transactions, but she later discovered in September that they were all done on the website crypto.com.
“On all the transactions, the crypto merchant provided the buyer’s name, email, and phone number. The name on my credit card was used, but it wasn’t my full name, just the first three characters of my first name and three characters of my surname.”
She said being in the IT industry, she is extra vigilant over the smartphone apps she uses. However, a bank officer suggested that she must have downloaded a dubious app, which led to identity theft.
I only use my computer to do online banking as it has a bigger screen and I can avoid making errors. I never do online banking with a phone.”
She said she was also told by HSBC and OFS that a police investigation “won’t go far” in resolving her case.
“What am I satisfying here? I am trying to do whatever they are requesting to solve the issue. Everyone is telling me what to do, and I am doing it. They all know I didn’t do it, but am I supposed to solve the mystery on the OTPs that were used by another person?
“Why am I held responsible or liable? I still don’t understand. I am in an endless loop.”
Still under review
Meanwhile, The Vibes had reached out to HSBC Bank Malaysia Bhd, whose communications team said the matter is still under review with OFS due to the customer’s appeal.
A spokesman from the bank, in an email response, said HSBC is unable to share further details due to confidentiality.
However, it said all disputes raised are thoroughly investigated by the bank – and when escalated, are reviewed independently by OFS.
“In general, for disputed transactions completed and authenticated via OTPs, it is deemed genuine as only the customer would be able to authorise such transactions. This is as per the industry and OFS expectations.
“Customers are reminded to be vigilant when conducting online transactions, avoid using public computers or internet connections when accessing bank accounts, and to not disclose their personal security details to anyone – not even someone claiming to be from the bank or police.”
The spokesman said customers are encouraged to check their account balance and statements on a regular basis to detect any unauthorised transactions, errors, or discrepancies, and to immediately report any unusual transactions to the bank. – The Vibes, November 22, 2021