Maybank Phishing Email

Another phishing email claiming to be from Maybank. As usual it starts with a story about something happening to your account. It gives you a link to click on and asks you to enter your personal banking details.

Please read the previous post on how to identify phishing emails.

Below is the text from the email:

Dear Maybank customer,

We are hereby notifying you that we’ve recently suffered a DDos-Attack on one of our’s Online Banking server. For security reasons you must complete the next steps to verify the integrity of your Maybank account. If you fail to complete the verification in the next 24 hours your account will be suspended.

Here’s how to get started:

1. Log in to Maybank online account (click here).

2. You must request for TAC via Maybank online banking – your TAC will be sent via SMS to the mobile phone number you registered. ( you can find the "Request a TAC" button in the Utilities menu of your account )

3. Logout from your account and close the browser.

4. When you have received the TAC (Transaction Authorization Code) on your mobile phone, go to our secured verification server and submit the requested information (Username, password and TAC). (click here) to go on our secured server.

5. Please allow 48 hours for processing.

Please comply and thanks for understanding

If you see this email just delete it.

  1. Yeah, I deleted it. Thanks again.

  2. I knew something was wrong. But the thing is, the email was sent from security@maybank.com.my though the email obviously sounds like a scam, how did they get the @maybank.com.my ?or is the real maybank supposed to send us mail using @maybank2u.com.my?

    I did not click on:
    1. Log in to Maybank online account (click here).

    But I just scroll my mouse to ‘click here’ and the address on my status bar below is written that the url that will lead us from clicking there is maybank2u website. People might just get cheated by that. I hope Maybank will do something about it.

  3. Hi Jenna. It’s easy to forge an email to make it look like it’s from someone else. The email system everyone uses today was invented in 1982, nobody expected all these scams back then so it was never designed to be safe or secure.

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>