Woman loses almost $2,000 to phishing email scam

A 42-year-old sales manager lost almost $2,000 when she clicked on a phishing email purportedly sent by her bank.

Ms Lin told Shin Min Daily News that she received an email titled "Digital Token Reactivation Required" on June 17, reminding her to update her digital token in order to continue using online banking services.

"I didn't think much about it and clicked on the link in the email," said the unsuspecting Ms Lin. "The website interface was almost identical to the bank's website."

She added: "I followed the instructions to enter my information and the one-time password sent to me, and the system showed that the update was successful."

Unknown transactions

A few days later, Ms Lin's husband found four unfamiliar transfers of different amounts from their joint account and immediately contacted their bank.

After investigating, the bank told the couple that someone had logged into the account and transferred more than $1,800, of which the largest transaction amounted to $1,364.84.

"The bank said that I accidentally clicked on a phishing website and entered a one-time password (OTP) to authorise the other party to log into my account. I later found out that the email that day was not sent by the bank at all."

While the bank sent several emails that day warning that her account was at risk, the emails were forwarded to her spam folder.

"I usually pay attention to fraud news, but I never thought I would fall for it. Fortunately, this is a small account we use for daily expenses. If it was linked to the main account for our salaries, it would be terrible."

Ms Lin expressed hopes that by sharing her own experience, it would remind the public to remain vigilant.