Suspect you’ve been scammed? You can now deactivate all online banking access linked to your Maybank account

This post is brought to you by Maybank.

In this digital economy, eCommerce is on a sharp rise in popularity, with many consumers choosing to acquire products and services online rather than visiting brick-and-mortar stores or calling up a service provider. However, this has opened doors for some bad actors to take advantage of the situation and scam people out of their hard-earned money.

Scammers will do this by getting people to pay for fake or non-existent products, typically advertised on social media platforms.

A more devastating method scammers employ is to trick unsuspecting victims into providing their financial information by sending phishing links via SMS or WhatsApp saying the victim has won a prize or convincing them to install malware-infected apps that will relay information like SMS OTP back to the scammer.

If the scammer gets hold of the right credentials, they will then proceed to empty the victim’s financial accounts.

To combat the rising number of scams, especially online scams, Bank Negara Malaysia has outlined five online banking mandates to further strengthen safeguards against financial scams.

Financial institutions are no longer allowed to maintain SMS OTP as a form of authentication for online activities or transactions.

Customers are to be immediately alerted when activities involving their banking accounts are detected and hotlines for financial scam incident reports are now a requirement. For authenticating online banking transactions, only one device per customer is allowed. Moreover, there will also be a cooling-off period for first-time enrolments in online banking services or devices, during which no online banking activity is allowed to be conducted.

Finally, financial institutions are required to provide quick and easy ways for customers to suspend their bank accounts if they suspect that their accounts have fallen into the wrong hands and to be able to reactivate their accounts after a while to ensure that their accounts are secure.

With that in mind, Maybank has introduced new security features to its online banking service, in accordance with Bank Negara Malaysia’s mandates to increase customers’ online banking security.

Deactivate M2U access with Kill Switch

Maybank’s new Kill Switch feature allows customers to immediately deactivate their M2U access on all devices and automatically log out from all active sessions if there are any suspicious activities, stopping the further outflow of funds. Yes, it’s that straightforward!

After triggering the Kill Switch, you, and more importantly, the scammer, can no longer access your Maybank account via the MAE app, M2U MY app, and Maybank2u web service. At the same time, all online transactions using your account are blocked, while cardless and contactless cash withdrawals are unavailable.

It’s important to note that your bank account is not frozen; rather, all online access to the account is suspended. Therefore, you’re not completely left without access to your funds as your physical cards are not affected. So, you can still withdraw cash from ATMs and make purchases using your Maybank debit or credit cards including cards registered on Apple Pay and Samsung Pay and auto-debit transactions will continue operation as per usual.

To reactivate your M2U access after triggering the Kill Switch, head over to the nearest physical Maybank branch or simply call the Maybank Group Customer Care to verify your credentials.

Now, despite this feature being a leap forward in combating scams and fraud, it is in no way designed as a preventive measure. You should only use Kill Switch if you suspect that you’ve been scammed or hacked, as it’s designed to make it as difficult as possible for scam artists to further access your account. Therefore, remember to always stay vigilant online and keep away from shady links and apps.

In an emergency, here’s how to use Kill Switch

The Kill Switch feature can be found on the Maybank2u website and the MAE app. If you don’t see it on your MAE app, check if you have the latest updates installed.

Kill Switch on the MAE app

Once you have logged into your account on the MAE app, look for the ‘More’ tab which will be located on the left-most side of the ribbon on the bottom of the screen.

If you ever find yourself in a situation where your bank account might be hacked, click on the Kill Switch icon and you will be asked to key in your password before you can proceed. Follow the directions prompted on the screen and click confirm on the last step to deactivate your Maybank2u service.

Kill Switch on Maybank2u web

Once you log in with your Maybank2u access and land on the dashboard, proceed to the settings page. Here, click on the Security tab and you can find the Kill Switch feature at the bottom of the list.

Click on the ‘Deactivate’ button and key in your password. Then, just like on the MAE app, follow the instructions prompted until you reach the confirmation screen. Click confirm and your Maybank2u access will be deactivated.

Tighter security with Secure2u

Secure2u or S2U was first introduced by Maybank in 2017 and will fully migrate to this verification system by June 2023. Replacing SMS OTP, S2U generates the six-digit transaction activation code (TAC) through the M2U MY and MAE apps. However, do note that all new Secure2u activations are now available only on the MAE app.

The security concern surrounding SMS OTP was that it could be intercepted by a hacker as it is not encrypted or compromised due to SIM jacking. There are also incidents where the scammer will contact the victim, pretending to have accidentally sent the OTP to the victim’s phone number.

Switching to a code generator on the device itself via the mobile app offers more security and a layer of encryption.

Cooling-off period provides more time to respond

Maybank has implemented a 12-hour cooling-off period after enrolling Secure2u for the first time or on a new device, during which no banking activity can be made in the 12-hour cooling-off period. This system is implemented to prevent any unauthorised transactions made by a new unrecognised device.

Only one device can be registered per customer for Secure2u and customers are alerted via SMS, push notification and email when Secure2u is registered on a new device giving customers enough time to report any unauthorised activation.

With all these security features aimed at minimising online scams and fraud, Maybank aims to be at the forefront of online banking security. Learn more about the Kill Switch feature today and how you can use it to stop scam artists from doing further damage.

If you ever find yourself in a possible fraud case, feel free to immediately reach out to Maybank’s 24/7 Fraud Hotline at 03-58914744 or the National Scam Response Centre (NSRC) Hotline: 997 from 8am to 8pm.

Recent Posts

Porsche Taycan and Macan EV prices surge in Malaysia: Up to RM410k higher

Porsche has recently updated the price of its EV lineup in Malaysia, and the changes…

8 hours ago

TNG eWallet now lets you search SSM company records and download official documents

If you need to verify a Malaysian business or obtain more background information, you can…

11 hours ago

Bye-bye physical discs: PlayStation goes digital-only from 2028

For close to two decades, buying a new PlayStation game meant picking up a Blu-ray…

12 hours ago

Flexi Parking is back online: Look out for minor teething issues

The Flexi Parking system is operational again after being crippled for the past few days…

12 hours ago

Hotlink 5G Travel SIM offers 7-day “unlimited” internet in 4 countries for RM25

Hotlink has enhanced its Travel SIM offering which lets you stay connected in 4 countries…

13 hours ago

Semak Kasih offers a legit starting point to check for unclaimed takaful and life insurance

The Malaysian Takaful Association (MTA) and Life Insurance Association of Malaysia (LIAM) have recently launched…

1 day ago

This website uses cookies.