Some smartphones have features that allow data synchronisation between the mobile device and online storage or cloud services in near real-time. Information that could be synchronised includes SMS, email, etc.
For smartphone users who had enabled the above-mentioned data synchronisation, sensitive information sent via SMS or emails by financial institutions (FIs), such as one-time passwords (OTPs), could be accessed by criminals if their login credentials to the online storage or cloud services have been compromised. Exposed OTPs together with online banking credentials or credit card information that had been harvested from the customers can potentially be used by criminals to perform fraudulent financial transactions.
Customers are advised to remain vigilant and take precautions against such cyber risks.
How can you protect yourself?
Use strong passwords for devices and online accounts.
Enable two-factor authentication (2FA)
Check the synchronisation settings on your mobile device. Ensure that sensitive data such as SMS are not synced
Report any suspicious transaction or activity performed on your account