The trick is called “social engineering” in which scammers work their way into a position where they can manipulate people into trusting them so people will give up confidential information, such as one-time passwords (OTP) that are used to verify payments, often unknowingly.

“A few months ago, I was a victim of a scam. I lost almost Rp 11,000,000 because two of my Gojek Pay accounts were hacked,” said Indonesian singer Aura Kasih during a press conference on cybersecurity at Gojek headquarters in Jakarta recently.

The scammers claimed they were from the Gojek office and were trying to process her digital payment and then eventually managed to trick her into giving away her verification codes. Aura said at that time she was unaware of what OTP was and why it could not be shared with anyone else, including to Gojek officials.

The Center for Digital Society (CfDS) researcher Adityo Hidayat explained that different schemes of social engineering had emerged over the years. “Maybe we are familiar with the scam the ‘mama minta pulsa’ [mom wants phone credit] scam,” he said at the press event. Adityo was referring to an infamous scheme that blew up between the year 2013 to 2017 in which involved scammers sending SMS pretending to be the receiver’s mother and asking for an amount of phone credit.

A record 11,800 people had fallen victim to the “mama minta pulsa” scheme by 2017, according to a statement by the National Police-Criminal Investigation Department (Bareskrim) economic crimes chief Brig. Gen. Agung Setya, as reported by kompas.com.

Based on a study conducted by the research center on the phenomenon of social engineering fraud by analyzing online news on the issue between the years 2013 to 2019, new types of cases have emerged targeting credit cards and cashless payment app users.

Popular

Decline in Indonesia’s press freedom alarming

Garuda Indonesia grounds 15 planes over maintenance, financial issues

Government forms anti-extortion task force