You Are In

  • Life Goals
  • Day To Day Banking
  • Deals & Promotions
  • Digital Services
  • Help & Support
  • Quicklinks

I’ve been scammed! What should I do?


If you think you’ve been scammed or detect unusual or suspicious activity involving your bank account, remember to:

Step 1

Inform the Bank immediately by calling our 24-hour hotline at +603 6204 7788.


For Company account, you may contact our Business Call Centre at 1300 888 828 (Local), +603 2297 3000 (Overseas)

from Monday to Friday (8.00am to 7.00pm) or Saturday (8.00am to 5.00pm excluding public holidays)

Step 2

Lodge a police report and notify the Bank with the police report to

Step 3

Instantly lock your CIMB Clicks ID via CIMB Clicks App or CIMB OCTO App. Step-by-step instructions available here.

Don’t be a scam victim. Be informed on the latest scams.

Money Muling


For fraudsters, transferring stolen funds directly into their accounts would make their whereabouts and activities easily traceable by law enforcement agencies.


In efforts to stay under the radar, money mules are recruited or used to help facilitate the movement of funds to the criminals.


In other words, money mules are used specifically to receive and transfer stolen money.


Fraudsters will try to recruit customers to use their personal banking account as an intermediary account by promising them rewards. Recruitment will normally be promoted via social media, chat sessions or even newspaper ads offering work-from-home job offers.

Love Scam


A type of online romance scam called "Love Scam" or "catfishing" involves a cybercriminal creating a false identity in order to trick a victim.


Scammers will take advantage of people looking for romantic partners by acting as potential partners on dating websites, apps, or social media. 

SMS / Phone


Customer receives an SMS or a call requiring him/her to call a given number to confirm a transaction involving customer's credit card or account information.  

Advertisement Scam


It is a fake advertisement that can be found on various websites, social media platforms, and the internet. Users of social media and online shoppers who look for particular products are the main targets of scammers. Victims might occasionally like that product and want to buy it, which is how an advertisement scam happens.

Malware Scam


A malware scam that involves accessibility control typically exploits the accessibility features available on mobile devices, such as Android phones. Malware may trick users into giving special permissions to harmful apps which are meant to help people with disabilities use their phones better like reading screen content. But once these permissions are given, bad apps can misuse them.


They might steal important information, like passwords or bank details, that users type into their phones. Sometimes, these apps create fake login screens that look real, tricking users into giving away their passwords without realizing it.

Take your security to the next level and protect yourself. 


The fight against cybercrime is a joint responsibility. Stay up to date and take action to protect yourself from falling victim to fraud and scams! 


Protect your Online Banking Details

Always remember to check your online banking URL access.


Ensure the URL is in full and without any typo:


CIMB Clicks:





Always remember to log out once you have completed your banking transactions.

Safeguard your Cards & PIN

Keep your cards and PINs in a safe place.


Be smart to create a strong password that contains a combination of upper & lower cases, numeric and symbols. Avoid using easy to guess information such as birth date.


Cover the keypad with your other hand while keying in your PIN at an ATM or at a Point-of-Sale (POS) terminal.

Protect your Personal Information

Pay attention to your transaction alerts and check your account activities regularly.


In case of any unusual activity, please contact us immediately by calling the number at the back of your card or refer to CIMB website ‘Contact Us’ page for contact details. 

Safeguard transactions on BizChannel@CIMB and CIMB Biz

Always validate details of the payment instructions, after payment creation and before payment approval.


Submit payments for approval at least a few days before they are due to allow for adequate time to verify payments.


When making bulk payments, verify and match transaction data against the source information by downloading the report from the BizChannel@CIMB platform.


Please DO NOT confirm the transaction without verifying.

Don’t Expose your Online Banking Details 

Fraudsters frequently impersonate representatives of government agencies and deploy fear tactics to get victims to divulge their Online Banking and personal details.


Do not click unknown/unverified links or open email attachments from unknown senders. Remember that emails from CIMB always end with ‘’.


When in doubt, immediately call the number of the back of your card to verify with CIMB. 

Don’t Reveal your Cards & PIN

Don’t write or record your PIN anywhere which is easily accessible to others or save your card details on your browser.


Always use Card PINs that are difficult to guess or random. Avoid using date of birth.

Don’t Share your Personal Information

Never share the following details with anyone or enter these details into any website other than CIMB Clicks, CIMB OCTO, BizChannel@CIMB, and CIMB Biz: 

  • Debit/Credit Card Number
  • User ID 
  • PIN
  • Password
  • Transaction Authorisation Code (TAC)


CIMB will never ask you for the above information under any circumstances outside of CIMB Clicks, CIMB OCTO, BizChannel@CIMB, CIMB Biz, and CIMB branches.

Protect your Device from Malware

Download apps only from official app stores like Google Play Store, Apple App Store and Huawei AppGallery to minimize the risk of downloading malicious apps.


Only grant accessibility permissions to trusted apps that genuinely require them for accessibility purposes.


Regularly update your device’s operating system and apps to the latest version and consider installing reputable antivirus or security software that can detect and block malware threats.