Bangkok: The "Sure Before Sharing" center has discovered a new form of cyber threat that is spreading. Recently, emails impersonating Kasikorn Bank have been circulating, alerting users to unusual credit card transactions totaling 26,830 baht. The emails include a clause stating that if the user did not make the transaction, they should immediately click a link to cancel it. This has caused many people to panic and click the link without thinking. According to Thai News Agency, a closer examination of the evidence reveals several inconsistencies. Starting with the sender's email, while it displays the name "Kasikorn Bank," a check of the actual email address in the backend reveals a [email protected] that is not the bank's official domain. Furthermore, the timeline in the system shows serious discrepancies. The notification email was sent to the victim at 6:27 PM, but the transaction details page, which tricked them into canceling, states the transaction occurred at 6:41 PM-a future time that had not yet materialized. After the victim clicks the cancel button out of fear of losing money, the fake system redirects them to a phone number verification page. This page then tricks them into entering crucial information: cardholder name, card number, expiration date, and the three-digit CVV code. If the victim falls for this trick and enters this information, the scammers can use it to make online purchases, draining the card completely. The "Sure Before Sharing" center emphasizes that no bank sends links via email to users asking them to cancel payments in this manner. If you notice any irregularities with your account or credit card, the safest way is to check the bank's official mobile application directly or contact their call center for verification. Most importantly, the CVV code on the back of your credit card should never be entered into any links whatsoever.
