Latest news with #CybersecurityMalaysia
The Sun
20-05-2025
- The Sun
Cyberstalking new challenge in battle against digital crime
PETALING JAYA: Never mind scam calls, stalking by cyber creeps is the new horror experience. Experts say cyberstalking has become the new focus in Malaysia's fight against cybercrime, with spyware-laden apps, stolen personal data and insider leaks providing stalkers the means to invade lives undetected. Cybersecurity Malaysia CEO Datuk Dr Amirudin Abdul Wahab said despite updates in 2023, existing laws remain inadequate to deal with cybercrimes. 'Malaysia amended the Penal Code in 2023 to criminalise stalking, including cyberstalking, under Section 507A. However, enforcement challenges remain due to anonymous online behaviour, outdated legal tools and limited victim support mechanisms,' Amirudin said in an emailed response to theSun. He also said these cases also remain underreported due to stigma, fear and lack of awareness. Amirudin said the personal data used in such incidents is often obtained through data breaches, public social media accounts, malicious mobile apps or leaks from third parties, such as insiders from call centres who sell personal contact information to scam syndicates. 'Scammers use this information to make unsolicited calls, send messages or add individuals to scam groups on platforms like Telegram or WhatsApp. While GPS tracking and spyware are less common, they are used in more targeted cases,' he said. Amirudin also advised victims of cyberstalking to systematically gather and preserve digital evidence to support investigations. 'Victims should take clear screenshots of messages, call logs, profiles and any suspicious content, ensuring that dates and times are clearly visible. Chat logs, emails and media files must be saved in their original, unaltered format.' 'Where possible, back up all evidence to a secure cloud service or external storage device. Once collected, this evidence should be reported promptly to relevant authorities for appropriate action.' According to Malaysia Computer Emergency Response Team data, Malaysia logged 4,219 online fraud cases in 2024, making it the top cybercrime in the country. This was followed by digital intrusions, with 755 cases. Commenting on the technical landscape, Taylor's University professor and Global Alliance for Cyber Safety director Datuk Husin Jazri said stalkerware and obfuscated malware are increasingly being used in cases of intimate partner violence and gender-based threats in Malaysia. 'These tools allow perpetrators to monitor, record and control victims remotely. They are difficult to detect,' he said. Husin cited several examples of such malicious apps, which are often disguised as phone RAM boosters, battery optimisers, child monitoring tools or even free keyboard apps. These apps commonly request high-level permissions or exploit Android's Accessibility Services to intercept data and log user activity. Husin also warned that fake system apps are being used to steal sensitive information. 'These apps disguise themselves as firmware updates but are actually sideloaded apps or phishing tools. 'They operate silently in the background without any visible icon, capable of recording microphone audio, capturing periodic screenshots and even harvesting messaging data from apps such as WhatsApp and Telegram,' he added. He also said Malaysia has limited technical capacity to trace and effectively respond to cyberstalking cases. 'We need a dedicated agency to ensure our digital citizens are safe and aware of the surrounding threats that are targeted at a random pace,' he said. He also urged immediate action, including the introduction of a Cyber Safety Act, revamping outdated laws like the Computer Crimes Act 1997, and rolling out cyber education in schools. 'Companies should be mandated to provide regular training for employees on data protection and online safety, as cyber threats are constantly evolving, particularly with the rise of AI (artificial intelligence),' he added.
New Straits Times
28-04-2025
- Business
- New Straits Times
NST Leader: The rise and rise of scam ads
MALAYSIAN cybersecurity authorities are warning of a surge in scam advertisements flooding search engines and social media platforms: fake job offers, instant loan schemes and counterfeit luxury goods. To tell the size of the surge in scam adverts, one just has to see what search engines like Google blocked or removed last year, 14.2 billion ads. It also suspended 39.2 million advertiser accounts, including 415 million ads and over five million accounts flagged for scam-related violations. But those blocked, removed or flagged don't make up the total of scam ads out there. Cybersecurity Malaysia is of the view that the best line of defence remains a cautious user. No debate here. But it must surely be aware that not all users are learned enough to know what HTTPS or URLs are. These users require more than perfunctory advice to be cautious. There is no doubt that scam ads have become sophisticated, but cautious users would be able to detect the red flags that they come attached with. An investment scheme that promises instant huge returns is one. A limited-time offer is another. Vigilance by Internet users is certainly critical, but it is not the only weapon against scam ads. Our cybersecurity authorities, too, must wage an aggressive war against scammers by getting search engines, social media platforms and telecommunications companies to do their part. But a war against scammers can only be won if the few agencies tasked with cybersecurity get their act together. When more than one agency is in charge, things are sure to slip through. In the case of Malaysia, we can think of at least three agencies — the Malaysian Communications and Multimedia Commission (MCMC), Cybersecurity Malaysia and the police. Universiti Sains Malaysia Cybersecurity Research Centre director Professor Dr Selvakumar Manickam is right in saying that inter-agency coordination needs significant improvement. He put it thus to the New Sunday Times: "The roles, responsibilities, and specific expertise of agencies such as the MCMC, Cybersecurity Malaysia and the police must be defined and streamlined." To him, comprehensive improvements are needed as to how scam advertisements are monitored and regulated in Malaysia. In the United Kingdom, the Financial Conduct Authority (FCA) springs into action relatively quickly. In 2023, the financial watchdog blocked 10,000 scam ads from Instagram, Facebook, YouTube and TikTok. The FCA also ordered businesses to amend or remove 8,582 promotions in 2022, besides publishing 1,900 alerts to consumers about potential scammers. We aren't sure if any of our cybersecurity authorities does this, but we certainly don't read about it. It is hard to estimate how much Malaysians lost to scam ads, but scams in general cost 95,800 victims RM3.18 billion between 2021 and April last year, according to the Digital Ministry figures. This may just be the tip of the iceberg as many victims do not report being scammed. As Selvakumar told the NST, Malaysia needs legislative and regulatory reforms. One such is shared responsibility for scam losses, holding social media platforms and telcos accountable as they are uniquely positioned to identify network-level threats. Besides, such legal reforms would incentivise them to adopt robust preventive measures.
New Straits Times
26-04-2025
- Business
- New Straits Times
Experts urge tougher rules on scam ads to combat rising online fraud
KUALA LUMPUR: Given rising concerns over digital fraud, experts are calling for comprehensive improvements to the monitoring and regulation of scam advertisements in Malaysia. Universiti Sains Malaysia Cybersecurity Research Centre director Professor Dr Selvakumar Manickam proposed that digital platforms must implement mandatory and rigorous advertiser verification for all ads targeting the Malaysian market. "They also need to proactively deploy advanced AI systems capable of identifying and blocking deepfakes and AI-generated fraudulent content before it proliferates," he said when contacted. Selvakumar added that legislative and regulatory reforms are also critical. "Although Malaysia has recently enacted several policies and legislative updates to modernise its cybercrime framework, their effectiveness in practice and the strength of their enforcement still require ongoing assessment." ""Consideration should be given to specific regulations addressing new technological challenges; for example, China has introduced new rules requiring the labelling of AI-generated content to combat misinformation and enhance online transparency. "Crucially, clear policies establishing shared financial liability for scam losses should be introduced, holding both platforms and telcos accountable and incentivising preventative measures." Other measures, he said, telecommunication companies often serving as ISPs, are uniquely positioned to identify network-level threats. "They must take a proactive leadership role in detecting and disrupting scam activities at the source." He added inter-agency coordination also needs significant improvement. "The roles, responsibilities, and specific expertise of agencies such as the Malaysian Communications and Multimedia Commission, Cybersecurity Malaysia, and the police must be clearly defined and streamlined. "Enabling efficient and secure data sharing between these entities is paramount to creating a unified and effective response." Earlier, CyberSecurity Malaysia said scammers are using. Increasingly sophisticated tactics, Increasingly sophisticated tactics, including fake job offers, instant loan schemes, and counterfeit luxury goods, to lure victims into their traps. Selvakumar said beyond targeting jobseekers and shoppers, the proliferation of scam ads in Malaysia represents a critical, escalating cybersecurity threat across all digital platforms. "The scale of financial and emotional harm is immense, impacting our national economy significantly, with losses surpassing RM1 billion annually and estimated losses over the past year reaching nearly three per cent of the country's gross domestic product. "Scam calls and SMS messages, often tied to online ad campaigns, have also risen sharply here. "We face increasingly sophisticated tactics, leveraging AI, which overwhelms defences and exploits psychological vulnerabilities, requiring a broader, more urgent national response and, crucially, resolute action now, not a continuous cycle of action plans, as further delay will only exacerbate this worsening crisis. On Dec 3 last year, Prime Minister Datuk Seri Anwar Ibrahim told Dewan Rakyat Malaysia lost RM1.224 billion to online crime between January and October. Anwar said this included losses due to online scams, telecommunications fraud, e-finance crimes, love scams, e-commerce fraud, non-existent loans and non-existent investments. Selvakumar said a stronger and more unified national strategy is needed to boost scam awareness. He said while the National Scam Response Centre (NSRC) currently serves as the frontline agency, it needs significant empowerment; more resources, better inter-agency integration and critically, much higher public visibility to become the automatic first call for anyone suspecting a scam. "Alongside strengthening the NSRC, our awareness campaigns must evolve significantly. "We need to move beyond simply listing scam types and focus on building genuine behavioural resilience, teaching practical skills to recognise psychological manipulation and promoting critical thinking. "These campaigns must also be targeted effectively to different demographics and adapt rapidly to the constantly changing tactics employed by scammers."
