The commissioner of the Cyber Crime Investigation Bureau (CCIB), Pol Lt Gen Kornchai Klaiklung, said the police are in talks with the Bank of Thailand and the Thai Bankers’ Association to find a solution, reports the Bangkok Post.
“Initial checks found around 40,000 people have lost their money through such transactions,” Pol Lt Gen Kornchai said, before adding the majority of victims didn’t realise their money were being withdrawn as the perpetrators generally charged small amounts - albeit repeatedly.
Pol Lt Gen Kornchai said such withdrawals are possible if the perpetrators managed to get their hands on customers’ bank card details, which are often stored by online retailers and websites for the convenience of customers.
He said the police suspect multiple gangs are responsible for the crimes, using a variety of methods to commit offences.
Some gangs “phish” for their victims’ details by sending out text messages which asked them to fill in their personal details in exchange of discounts and other perks, he said. As such, he warned the public to not fill in their personal details into online forms that came from links from suspicious and/or unknown senders.
Meanwhile, some charges and withdrawals were made by store employees who stole their customers’ card details when their victims were completing a transaction, he said.
The commander of CCIB’s cyber crime analysis division, Pol Maj Gen Niwet Apawasin, said that some of the charges were initiated by online gaming platforms. He added that it would be easier to investigate applications registered in Thailand than those registered outside the country.
Police will hold discussions with the Bank of Thailand and online vendors to find ways to prevent such fraud - for example, by making the registration of online shops mandatory or issuing alerts when suspicious withdrawals are made, he said.
Government spokesman Thanakorn Wangboonkongchana said Prime Minister Prayut Chan-o-cha has instructed all agencies to take urgent action to put an end to the problem.
The Bank of Thailand and Thai Bankers’ Association issued a joint statement on Sunday (Oct 17) saying banks would accept responsibility for unauthorised withdrawals. It did list the names of the banks, however.
The statement said no commercial banks’ systems had been hacked, adding the irregular transactions were for payment to online shops registered outside Thailand.
Many victims are sharing their experiences on a Facebook page called “Sharing Experience on Unaware Cash Withdrawals”.
They questioned the security and reliability of Thai banks’ because they received no alerts at all when the unauthorised withdrawals were made. Most victims, in fact, only found out when they went to a bank to update their passbook.
One victim posted her passbook, which showed 13 withdrawals on Oct 11, each for B34.15.
The total number of victims remained unclear, but the aforementioned Facebook account had more than 57,000 followers as of yesterday.
Deputy police spokesman Pol Col Kissana Phathanacharoen said victims should ask banks to freeze their account and check their balance on their accounts once they suspect an unauthorised withdrawal has been made, before gathering all the evidence to file a police report.
He also said that those who misuse or abuse others’ electronic cards will face a jail term of up to five years and/or a fine of no more than B100,000 under the Criminal Code.
Paiboon Amornpinyokiat, a cyber security expert, told a television programme the unauthorised withdrawals were made possible by the failure of banks’ alert systems.
“Alerts were usually supposed to be issued, but they were not,” he said.
He also said some victims voluntarily gave up their personal information because they weren’t digitally literate, adding that agencies involved should investigate whether the withdrawals were the banks’ fault.