According to the telco notification, messages containing phone numbers will automatically be blocked, as well as those requesting personal data such as names, IC numbers, bank account information, and more. This ban will come into force starting 2 July 2023.
In case you missed it, major Malaysian telcos started blocking SMS messages containing URL links on 2 May 2023 as ordered by the MACC. This meant that any messages containing links would not reach users, but it only applies to person-to-person SMS. With links, phone numbers, and phishing messages being blocked from SMS, it will hopefully reduce the amount of fraud victims in Malaysia. However, users will still be succeptible to scam attempts through other messaging platforms such as WhatsApp, Telegram, and so on. As for messages containing URL links from businesses, they will still be allowed as long as they come from a five-figure numbers such as 6XXXX, 2XXXX, and 1XXXX. However, these messages will also be blocked later on, but the date for this implementation has yet to be revealed. With these changes, some businesses have started changing how they verify users and actions. For example, crypto exchange Luno is switching from SMS One-Time Password (OTP) codes to app-based notifications for verification. Touch n’ Go also moved away from OTP codes to a more secure method called TapSecure. Of course, major banks are phasing out codes in SMS messages in favour of their in-house authorisation systems. Maybank will require all online card transactions to be authorised through Secure2u starting from July 2023. On the other hand, CIMB has already made it mandatory for users to go through SecureTAC for all online transactions using CIMB Clicks.