PERHAPS more out of fear of being further penalised, most people treat police summonses as something that has to be paid immediately.

Receiving an email that says there are unpaid summonses would cause a lot of people to overlook basic internet safety practices, like checking to make sure the payment site address is correct.

In this context, are scammers sending police summonses via email and impersonating PDRM's MyBayar website?

Verdict:

TRUE

According to the Malaysia Computer Emergency Response Team (MyCert), cybercriminals have been sending phishing emails claiming to be from the Royal Malaysia Police’s MyBayar traffic summons website.

“After clicking on the link, users will be redirected to a fraudulent website that mimics the legitimate MyBayar login page.

“The website looks identical to the actual My Bayar website but has a unique Uniform Resource Locator (URL), which is ‘https://policefine.ipfsoftwares.com/steps/index.php’. The actual URL from My Bayar PDRM is ‘https://mybayar.rmp.gov.my/en’,” MyCERT said on its website.

Once a bank card is used to pay the fine, the scammer starts to harvest bank card data that consists of card number, expiry date and card verification value (CVV).

MyCert advises users affected by the scam to call the Malaysian National Scam Response Centre (NSRC) hotline at 997 within 24 hours or as soon as possible.

The public can also contact the Royal Malaysia Police (PDRM) via the CCID Infoline at 013-211 1222 or the CCID Scam Response Centre at 03-2610 1559 or 03-2610 1599.

To avoid falling into the trap, MyCert also advised the public not to click any adware or suspicious URLs sent through SMS, email, or any messaging services and to delete the scam email and mark it as spam so that the email filter removes it.