ON PAPER, losing one disgruntled customer over a petty sum of RM13,000 is unlikely to shake CIMB Bank Bhd’s position as Malaysia’s second largest bank after Maybank.

But losing one customer over a petty sum of RM13,000 to three unauthorised transactions which left the account holder with a paltry RM50 in her account is obviously a grave matter that somehow triggers concerns over lax of security.

Such is the traumatic experience shared by Putrajaya Hospital consultant physician and nephrologist Dr Rafidah Abdullah in a four-part Facebook posting which has gone viral

“Isn’t it ridiculous that there was no trigger whatsoever for the three CIMB Click transactions amounting to RM13,000 at between 2am and 2.30am (on Friday, Aug 19)? No request for TAC (transaction authorisation Code) at all. Everything vanished at the blink of an eye,” she lamented on the first part of her FB posting under the heading “Good Bye, CIMB”.

“This is absolutely ridiculous. I’ve lodged report to CIMB, police and others. The feedback thus far is that if a scammer has withdrawn the money, there is no compensation. For sure, I’ve lost all my faith in CIMB. I will deactivate my account in the near future.”

In thanking netizens for their responses across all her social media platforms – FB, Instagram Stories, TikTok and Twitter – Dr Rafidah said she uses an iPhone and never uploaded weird apps.

“Maybe someone got my info. I have uninstalled all apps on my phone and reset,” she updated on the second part of her FB posting.

Apart from the police, Dr Rafidah said she had also e-mailed all the relevant information to CIMB, the bank that received my money (Hong Leong Bank) as well as report the matter to Bank Negara Malaysia (BNM).

“I have considered that the money is not my rezeki (sustenance). But what bothers me is what I read. It seems that many people got scammed/hacked like this. Sad to hear of aunties, uncles and lay people who lost their income and savings in this manner.”

In the third part of her FB posting, Dr Rafidah thanked CIMB for calling her and explained to her that she might have pressed on a duplicitous link prior to the illegal transaction. Apparently, such link allows for another iPhone 6 device to register details of her account.

“My question is simple: I have had a CIMB account for almost 30 years; have I ever registered two phones for this account? Of course NOT. Even the phone number never changed. Does this mean that the three transactions by the ‘registered’ iPhone 6 does NOT require a TAC?” she asked.

“Why is it that registering a new phone doesn’t require TAC? I demand CIMB to tighten its security by allowing only ONE number for CIMB to click and should there be new or other phone detected, please inform the account holder immediately.”

“I don’t think this is rocket science. I expect this to be done immediately. Use a little brain. Tighten the SOPs (standard operating procedures). This is the right of all individual Malaysians. Their hard-earned money, for goodness sake,” added a fuming Dr Rafidah.

In the fourth part of her FB posting, Dr Rafidah rallied Malaysians “to continue making noise till the bank TIGHTEN up its security.

“Don’t let the bank blame you instead. It is NOT your fault. Don’t be fooled. Where are you, BNM?” argued the vocal medical specialist-cum-surgeon, proposing that the central bank shut down banks with problematic security with immediate effect.

“Shame on you – this is what you posted in relation to what the country is upset about? (see CIMB’s scam advisory). Ridiculous, useless and classic act of washing hands. Do not, I repeat DO NOT shift the blame.

“I demand you replace all the money of Malaysians who were scammed and whose accounts were hacked. It is NOT their fault.” – Aug 21, 2022

Editor’s Note: This is certainly not the first time that CIMB Bank has found itself at odds with its account holders.

Following a recent class suit by 2,959 individuals over breach of contract and breach of duty of care, CIMB Group Holdings Bhd who is the parent of CIMB Bank and CIMB Islamic Bank Bhd told theedgemarkets.com on April 30 that it will strongly defend its position and leave the outcome to the due process of the court.

In the statement of claim, the plaintiffs said that in or around mid-2020, they were involved in cryptocurrency activities wherein they received several transactions of funds. In an abundance of caution, the plaintiffs averred that they contacted the defendants and were informed that the credit was valid.

However, in or around January 2022, the plaintiffs were notified that their savings and/or current accounts were frozen or earmarked. When contacted, the defendants stated that it was “an over credit or duplicate credit”. The plaintiffs were given an option to either pay the over credit or monies from the plaintiffs’ accounts would be deducted/set off after Feb 2, 2022.

https://focusmalaysia.my/missing-southern-bank-how-a-loyal-customer-ditches-cimb-after-30-years/