Fraud syndicate withdraws Tk 2.7m from credit cards of 54 Standard Chartered Bank customers
A fraud ring has devised a novel method to withdraw funds from the credit cards of Standard Chartered Bank (SCB) customers in Bangladesh.
Even though customers had not carried out any transactions, sums of Tk 50,000 at a time were transferred from their bank accounts to multiple mobile financial service (MFS) accounts. The fraudsters subsequently withdrew the funds from there.
According to sources within the banking sector, in the final week of August the syndicate withdrew a total of Tk 2.7 million from the credit cards of 54 SCB customers. Following this, the bank suspended the facility that allowed transfers from cards to bKash and Nagad MFS accounts.
In a text message to customers, the bank notified that the “Add Money” option on MFS apps had been temporarily disabled to ensure secure transactions.
SCB authorities reported the matter to Bangladesh Bank and law enforcement agencies after receiving complaints from customers. Bangladesh Bank has already launched an investigation.
When contacted, neither bKash nor Nagad authorities were willing to comment on the matter.
The issue came to light at the beginning of this month, after several SCB customers took to social media to report that within seconds of receiving a one-time password (OTP) on their phones, Tk 50,000 was deducted from their accounts, despite none of them having shared their OTPs or accessed suspicious websites or apps.
Victim Hasin Haidar wrote in a Facebook post, “Tk 50,000 was suddenly deducted from my Standard Chartered Visa card and transferred to a bKash account. Although I received an OTP on my phone, I did not share it with anyone. Yet within 20 seconds the money was gone. But the bank is saying that since the transaction was completed with an OTP, it is the customer’s liability.”
She further wrote, “But I did not share my OTP. I believe this is a bank security issue. On 26 August at 7:43 pm, Tk 50,000 was withdrawn from my card. This cannot be anything other than a security breach.”
Another victim, Sadia Sharmin Brishti, posted, “In over seven years of using my card, this is the first time I have fallen victim to such fraud. Tk 50,000 was also transferred from my card.”
When approached, SCB officials said that after receiving multiple complaints, both the local and global technology teams of the bank carried out a thorough review of its security systems, but no internal flaws were identified.
As the money was stolen via the “Add Money” option of the bKash and Nagad apps, the issue, they argued, must be clarified by the MFS providers.
Sources at Bangladesh Bank confirmed that the funds transferred into the bKash and Nagad accounts were withdrawn in cash within minutes, after which the mobile numbers were deactivated. This, they said, clearly points to the involvement of a highly organised fraud ring.
Speaking to Prothom Alo, SCB Bangladesh’s managing director, Lutful Habib, said, “To date, 54 customers have lodged complaints with us. We have reported the matter to the law enforcement agencies and Bangladesh Bank. They are investigating the matter. The true picture will certainly emerge from their inquiries. The culprits will be identified and brought to justice.”
“No weakness has been found in the bank’s own technology systems. The incident occurred through the ‘Add Money’ option of the MFS apps. For this reason, we have temporarily suspended the facility of transferring money from our bank cards to MFS apps. Once the facts are fully established, a decision will be taken regarding the resumption of this service,” he further said.