SHAH ALAM – Briefly lending a mobile phone to a stranger is unlikely to result in immediate financial fraud, according to the Bukit Aman Commercial Crime Investigation Department (CCID).
Federal Police CCID Director Commissioner Datuk Rusdi Mohd Isa clarified that scammers typically require far deeper access such as banking credentials or the installation of malicious software to successfully orchestrate financial theft.
For biometric data to be exploited, he said, criminals generally need additional layers of access, including passwords, Transaction Authorisation Code (TAC) numbers, or direct control over a victim’s banking applications.
“To date, there are no verified cases where financial loss was incurred simply because an individual allowed someone else to hold their device for a short period without further access,” Rusdi told Sinar Daily when contacted.
While acknowledging that AI-driven threats, such as deepfake videos and voice cloning, have surfaced globally, he stated that the situation in Malaysia remains relatively secure due to robust institutional safeguards.
Local banking systems employ sophisticated security measures that are difficult to bypass, such as two-factor authentication (2FA) which requires multiple forms of verification.
These systems also utilise liveness detection to ensure biometric scans are from a real person in real-time, alongside registered device verification that restricts banking access to a single, authorised device.
The police clarification follows a viral post on the social media platform Threads, where a user alleged that scammers were harvesting biometric data by borrowing phones in public places.
The post claimed that brief interactions could allow criminals to collect facial and voice data for AI-related fraud—claims that the CCID says are currently unsupported by evidence.
Rusdi confirmed that police investigations have not identified any organised trend or widespread "borrow phone" modus operandi, specifically in the Klang Valley or elsewhere in Malaysia.
He added that while scammers often target vulnerable groups, such as the elderly, youths and the digitally active, there is no evidence of systematic biometric harvesting via public device sharing.
Despite the lack of evidence for this specific trend, the CCID continues to monitor emerging tactics and advises the public to remain vigilant.
“If someone asks to use your phone, you should offer to dial the number yourself rather than handing over the device to maintain control.
“It is also essential to ensure all devices are protected with PINs or biometric locks and to never allow strangers access to sensitive applications,” Rusdi added.
Anyone who believes they have been targeted or possesses credible information regarding such activities is encouraged to lodge a police report or contact the National Scam Response Centre at 997 so that a detailed investigation can be conducted.