High value transfers should be subject to additional scrutiny to confirm it’s legitimate.
The hard part is making sure you balance that well enough so that you’re protecting against malaise without the bank then becoming a consumer problem themselves.
It will be interesting to see how well this works.
Couldn't find anything that indicated there was a mass freezing of legitimate accounts, or a singular complaint of an incident of that happening.
* Can't copy paste...is the article an image!?
I can't check right now, but I'm guessing they set `user-select: none` in CSS.
A browser is a 'User agent', as in it is supposed to act on MY behalf, and things in my intent and benefit. Similar agents are real estate agents, or attorneys as my agent.
So... For something that is MY agent, why are browsers creating, and instituting anti-agent choices against my will?
Barring excuses of "following the spec", I should be able to easily disable my user-agent's execution of said onerous code.
(I'm ignoring this for Google chrome. They're an adtech company, and they won in court as a monopoly. Fuck them.)
It's supposed to implement the spec. Why are you and many other people on this site so attached over the wording of "user agent"? It is supposed to mean the software making the request, it doesn't mean anything more than that.
As it happens, the relevant standard actually includes a response to this argument (https://www.w3.org/TR/css-ui-4/#valdef-user-select-none):
"As user-select is a UI convenience mechanism, not a copy protection mechanism, the UA may provide an alternative way for the user to explicitly select the text even when user-select is none.
Note: none is not a copy protection mechanism, and using it as such is ineffective: User Agents are allowed to provide ways to bypass it, it will have no effect on legacy User Agents that do not support it, and the user can disable it through the user style sheet or equivalent mechanisms on UAs that do anyway. Instead, none is meant to make it easier for the user to select the content they want, by letting the author disable selection on UI elements that are not useful to select. Tools such as CSS validators, linters or in-browser developer tools are encouraged to use heuristics to detect and warn against incorrect or abusive usage that would hamper usability or violate common user expectations."
Not neccessarily. For example, piracy is so harmful that it could still outway the cost to a user even with a multiplier given to the user's cost. For example the user's cost is 10 and the author's cost is 100. Even with a 5x priority for the user, the needs of the author outweigh it.
In fact the last thing you want to do is give criminals warning that you’re going to freeze their accounts. I’d imagine that would be extremely counterproductive for everyone bar those criminals.
If two people accounts were unjustly frozen (and they have to do some work to unlock them), and at the same time two hundred people life savings were saved, would that be OK with you?
I don't know about them, but there are plenty of ways for law enforcement to get mule account numbers. After all that's the whole point - actual criminals don't have to reveal their own identity, instead they convince a "mule" to (knowingly or not) participate in a crime.
But that doesn’t mean that freezing an account suspected of fraud isn’t the right course of action.
Yeah there’s going to be false positives. However that’s precisely why you freeze the account: to allow you time to follow due process and investigation. If you assumed the process was infallible then you wouldn’t need to freeze the account; you would just skip straight to the punishment and remediation stages ;)
> However that’s precisely why you freeze the account: to allow you time to follow due process
Due process comes before the actions.
But that would just mean they are very biased, since they are kind of defending their own money. Right now they are a bit more impartial.
They did a crackdown where if the name associated with the phone number on the account didn't match the name on the bank account then they froze it
Also they froze most accounts owned by foreigners with specific visas
It really had nothing at all to do with mule activity, they were using blanket heuristics
Mr Bob Smith is married to Mrs Alice Smith. The bank has their status as married, which they have been given copies of marriage certificates over and over and over for many years.
Bob works, and Alice is dependant based on Bob's visa.
Bob has an account, Alice has an account, and they also both have credit cards under their own names. Bob and Alice also have joint accounts, where most of the money is, and it is a lot of money, enough that Alice and Bob have "VIP" status at the bank, and they've been good customers for about a decade.
Alice and Bob have recently updated all FATCA, CRS, and whatever other insane bullshit has been asked of them by the bank. Alice and Bob have Thai tax IDs, which the bank also has.
Alice and Bob have cell phones of course, and naturally, the family phones are in the account "Bob Smith"
The bank freezes Alice account.
Alice goes to the bank in person. The bank doesn't unfreeze the account, they demand she change her phone account to be in her name.
Yeah, for real.
Bob isn't happy. He thinks Thais shouldn't rely on these banks and should use cash as much as possible and avoid QR payments as much as possible.
Which to me seems entirely reasonable limit. Such transactions are relatively rare.
That’s mostly annoying for inter accounts movement if you move money around a bit but I think you would get higher capacity if you are concerned.
That means unusual payments like home purchases can be approved. But fraud is significantly harder…at least in theory.
So many questions...
Update: my Thai friend just wrote me this:
"Not in trouble, it's the Chinese and Russians money laundering. Every Russian has had their accounts suspended, this was about half a year ago, now they are slowly doing the Chinese and Brits too. Vietnam is not much better, also suspending all foreigners accounts until you can prove you have a trc here."
Update2: just saw this on IG… https://www.instagram.com/p/DOZM0ZOkUAy/
Fraud has always been around, but I think a few recent developments have exacerbated the problem. KYC has been relaxed a lot since Covid, so you can open a whole bunch of accounts with just an image of an ID card. Lots of elderly people now have access to mobile banking, so they don't have to visit a physical branch where a clerk can flag suspicious transfer requests.
Bank accounts in South Korea now start with a daily transfer limit of 1 million won (about $700), even lower than the 50k bhat limit that the Thai government has instituted.
KK Park – a vast, heavily guarded complex stretching for 210 hectares (520 acres) along the churning Moei River that forms Myanmar’s border with Thailand.. with its on-site hospital, restaurants, bank and neat lines of villas with manicured lawns, looks more like the campus of a Silicon Valley tech company than what it really is: the frontline of a multibillion-dollar criminal fraud industry fuelled by human trafficking and brutal violence.. Myanmar, Cambodia and Laos have in recent years become havens for transnational crime syndicates running scam centres such as KK Park, which use enslaved workers to run complex online fraud and scamming schemes that generate huge profits.China's Silk Road ends in Sihanoukville Cambodia. If you've ever been there, you've seen the eco-devastation and utter disregard for human life along the entire road.
They pay a low-income/no-income person a small fee (possibly monthly) to let them borrow their account. Sadly, people who would fall into this are not hard to find in Thailand.
> What sort of KYC was going on?
There are accounts that are grandfathered in and don’t require KYC but have been able to access online banking, etc. Mine is such, and my bank (BAY) is discontinuing that particular loophole at the end of this month. (I'm in Thailand right now to do this KYC, despite having not come back here for the last 6 years.)
(ETA: HN title has been re-edited, previously didn't have the "to curb fraud" clause.)
If you have a better suggestion for an abridged headline then you could share and hopefully the submitter can still update this submission.
Even if the anti-fraud motif is genuine, that’s a pretty extreme amount of control. Not that it’s in any way strange coming from Thailand. Foreign exchange and capital inflow and outflow are already controlled.
> Assistant [Bank of Thailand] Governor.. acknowledged that current procedures for identifying and freezing suspected “mule accounts” need refinement to prevent harming innocent customers. Many account holders have taken to social media to express frustration...
The $10,000 figure originated with the 1970 Bank Secrecy Act[1]. Back then, that was a lot of money.
If it had kept up with plain old vanilla government-reported inflation, the number would be closer to $83,000 today[2].
---
[1] https://www.fincen.gov/resources/statutes-and-regulations/ba...
[2] https://www.dollartimes.com/inflation/inflation.php?amount=1...
> Bank of Thailand (BOT) will meet with commercial banks and the Anti-Online Scam Operations Centre (AOC) on Monday to address growing complaints about the wrongful freezing of bank accounts.. after small retailers and individuals reported being abruptly cut off from their funds without warning or recourse.. Assistant BOT Governor.. acknowledged that current procedures for identifying and freezing suspected “mule accounts” need refinement to prevent harming innocent customers. Many account holders have taken to social media to express frustration over being unable to access their money or conduct business after transfers from unknown sources triggered automated freezes.
Good name for an AI agent orchestration framework.
this wasn't a swift action overnight
they could be blocking this many accounts on a yearly basis just from scam reports at the police station
or more which seems to be the case recently, but not overnight
this is bad article
As emergency measures usually are.
Thailand doesn't want foreigners holding accounts. They've cranked up the requirements over time. It used to be possible to open an account as a tourist and now you're lucky to be able to get one on any visa that isn't attached to a work permit or PR.
The abbreviation “M” for million can lead to confusion in finance. Historically, “M” derives from the Latin word “mille,” meaning “thousand.” As such, it has traditionally been used in some accounting or construction contexts to denote a thousand. For example, $5M could historically represent $5,000, creating ambiguity.
To represent one million in finance, the abbreviation “MM” is widely used. This notation originates from “mille mille,” meaning “thousand thousands” in Latin, equating to one million. This clarity makes “MM” a preferred choice in financial statements and reports.
Other abbreviations for million, such as “mn” or “mln,” are also encountered.. The Financial Times, for example, adopted “mn” for millions to improve accessibility for text-to-speech software. While these alternatives exist, “MM” remains a prevalent and widely understood abbreviation for million in American finance.The Wikipedia on long and short scales[1][2] for the root of the problem.
[0] Goharshady, A. K. (2021). Irrationality, Extortion, or Trusted Third-parties: Why it is Impossible to Buy and Sell Physical Goods Securely on the Blockchain (arXiv:2110.09857). http://arxiv.org/abs/2110.09857
Also kinda pointless though.
> Transactions that are computationally impractical to reverse would protect sellers from fraud, and routine escrow mechanisms could easily be implemented to protect buyers.
Emphasis added.
It is conceptually possible to create a crypto "credit card". But given that existing transactions are already slow, expensive, and complicated to integrate - I can't see it being attractive.
There's also the issue of trust. Escrow merchants need to be highly-trusted by both sides. They also need regulation and insurance. Those things are all in short-supply in cryptoland.
Credit cards have a 3% charge on everything. That is a LOT of money but we allow it partially because of the insurance attached to it.
We pay for title companies for property exchanging partially because of the insurance.
We pay for insurance for the insurance.
It is a very confusing way to write the number and no explanation seems to fit, other than "There is a second 'M' to avoid clash with the company name '3M'.". Is that the explanation?
But "mille" means 1000. Specifically, it was the distance covered by 1000 paces from a marching Roman soldier. It's more consistent to measure paces than steps in the face of left/right asymmetries, so it's the unit implied when you just say you're marching 1000.
It still kind of reasons that if the idea for MM is to be more precise/clear than M, they’ve not done a very good job picking a clearer abbreviation.
To represent one million in finance, the abbreviation “MM” is widely used. This notation originates from “mille mille,” meaning “thousand thousands” in Latin, equating to one million. This clarity makes “MM” a preferred choice in financial statements and reports."Thousand" is always "k" or "K". "Million" is "M", "MM", "m", "mn", or "mln".
But if you pay attention to GPS jam maps and news sources, they are currently also under significant unrest.
https://thediplomat.com/2025/09/indonesias-unrest-revives-fe...
> Over the past two weeks, Indonesia has been rocked by some of the most widespread unrest in recent memory, with mass demonstrations erupting across Jakarta and other major cities. The protests are the result of long-running economic strain, political discontent, and public outrage at perceived elite entitlement.
Its basically a worldwide proletariat uprising against the elite. And the current article hits people in the pocketbooks. And any protestors who are gaining popularity will undoubtedly be in those 3 million accounts blocked.
It's gotten worse for me lately, where I keep mixing up train stations and locations with similar names or characteristics, so I can totally imagine hearing Thailand and thinking about Indonesia instead.
A scam network takes over phones, tricks people on friends lists to follow directions so their phone can be remotely controlled (Apple and Android). Then the cycle repeats and they try to drain bank accounts in the process.
Thailand is placing 50k maximums for digital transfers then adjusting over time based on … 50k baht = $1,575 USD
https://support.apple.com/guide/iphone/request-give-remote-c...
The hook was that you pre-pay some amount, do some trival work, then get like 500% return on your "investment". So they filter+train their mark by having them sign up for whatever financial transfer workflow, and figure out how gullable they are by giving them some payouts. A big part of this is some chat-group where lots of other fake-workers post comments saying how nervious/risky it seems and how sometimes the payment is delayed but they all eventually get paid. Eventually they let the mark sign up for some high-value amount, like equivalent of a few thousand USD. When the mark doesn't get paid, they contact the "technical support" team that then tries to social engineer the victim to loose even more money transferring funds the wrong direction (the scammers picked financial apps that make this mistake easiest).
I kind of find it unbelievable that people fall for this stuff, but the obvious proof is that enough people do :(
Also the initial "tasks" the mark performs are worth only like a few USD. not worth anybody's time except for certain types of vulnerable people who not-coincidentally make good victims.
I remember reading a headline that being poor is equivalent to losing about 5 IQ points. Don’t know how true that is, but my intuition tells me that most people financially struggle, spend a lot of extra time worrying about money, and in general act a little more desperate and would be a little more aware/skeptical if their stress + financial situation allowed it.
After a few years working in cybersecurity, I viewed EVERYTHING through the lens of “is someone lying to me?”. Emails, text messages, downloading software from a website/App Store, job offers, investment opportunities, etc.the surface area is limitless. There’s exactly zero chance that even an experienced professional with excellent eyesight, who reads up on the newest scams, who doesn’t have lots of family / social events to care for, etc will never get hacked/scammed.
Even in the cybersecurity industry, almost all companies have abandoned the idea that there will never be a breach, and have moved towards thinking about resiliency, where any breaches that do happen are minimized or closed quickly/automatically.
That’s a lot of words to say: even though I thought I would never get scammed, once I spent more time educating myself about how it happens, it seems obvious to me that scams work a percentage of the time and the scale of attempts is enormous.
I generally look at risk as a two-dimensional graph, with the axes being Probability and Severity, and the action strategies as being Prevention, Mitigation, and Remedy.
If we get realistic about likelihood and impact, we can figure out how to reduce the damage.
One trick a wealthy friend of mine uses, is keeping a small checking account, that he fills with just enough cash from his brokerage, so that even if his cards/accounts get pwned, he can't lose that much.
But ultimately, it’s a heuristic and is imperfect.
One example thing which bypasses weakness to this heuristic: when you import a programming language library or a “curl pipe bash”: how much research do you do to verify the authenticity of the library, the security of the package and contributors, that you didn’t typo and accidentally install a lookalike malware, etc? And then every time you take an action which updates the same thing, are you equally as rigorous and vigilant as the first time?
I just received a monitor at no-cost because the first one I bought had a hardware defect - the company didn’t respond to my attempt to contact them, so I returned it to amazon and left an accurate review. The seller followed up and sent me a non-broken one. If I’d ignored this, not only would I be down a monitor, I’d have just assumed the entire product category - of which there seems to be only a single supplier (16” 2880x1800 AMOLED monitors that match up perfectly to 27” 5K monitors when placed in portrait mode) simply wasn’t workable with my setup for whatever reason.
My dentist recently called to reschedule an appointment. I could have insisted that I call them back, but that just wastes everyone’s time for a conversation that has no real scam potential.
(I have had a few fraudulent charges on my credit cards but I don't really consider those to be scams and they're easy to resolve.)
For example, we're insanely good at pattern matching, but the flip side to that is we're not effective at spotting the rare subtle difference.
Human cognition has evolved to be very good at some things but is terrible at others. We're great at spotting patterns, and terrible at spotting the rare subtle exception.
If you haven't fallen for anything, great, but that's because no one has ever cared enough to target you personally.
And incredibly, someone usually is. Most software download sites have so many UI elements saying "Download", on their downloads page, but only one of them is the legit software you want, and others are some random software that paid money to the website to be there to... probably try to get themselves installed and scam you some more.
I just checked the Google "play" store: searching for "Temu" (I know, dumb, but there was an ad on the main screen of the store), in the page of search results, the first install button is for the sponsored Alibaba app...
Even billion dollar businesses are... trying to scam you. "Don't be evil" no more indeed.
PS "full self-driving", also a scam..
Poor people also spend a lot of time using cash equivalents rather than credit.
There is a big advantage to using credit. For example, I don't worry too much about fraud on my credit card as the reversibility means that the banking system is taking care of it. If a suspicious transaction hits my ATM card, the bank absolutely jumps on it since it simply doesn't match my patterns of usage.
On the other hand, if you are using your ATM card or cash transfer apps all the time, you're a ripe target for getting scammed. The protections are much weaker and the reversibility (if any) is much worse.
This doesn't even get into the fact that, as a poor person, the people you are transacting with are also stuck in the same system for various reasons of various levels of dubiousness.
Oh thank you for highlighting that, I've had some instance where I'd suddenly have the urgent feeling that something I'm experiencing is a hoax and I couldn't tell why this suddenly surfaced back then, but I guess years of exposure to security does that to one.
Later, I think I stretched the thought exercise to start identifying new business opportunities (trying to find value in protecting against each of those things I identified).
At the same time I grew “professionally paranoid”, I was learning about epistemology and skepticism (to try to understand the cultural and political changes of the last decade). It’s been a wild ride.
Some government forms and processes for poor people assistance I've seen (and I imagine that forms and processes for new immigrants may be similar)... some of it is insanely kafkaesque, implemented with incompetence/indifference in both official communications/documentation, and sometimes on an individual human representative basis, with the effect of making no sense at all.
So I'm not at all surprised if someone who doesn't understand how some category of things works in reality, is easily tricked into believing a scam. Because the scammer is no more ridiculous than some of the official government bureaucracy they've been subjected to.
(BTW, I'm not anti-government. I support what some would call "big government". I'm only horrified at how poorly done it sometimes gets in the details. I know that, when it is done poorly, it is going to have very real negative effects on people's lives, including on the least powerful. I believe in good, big government.)
The first is that politicians want to get credit for creating the program, but also don't want it to cost a lot of money. Their incentive is to create a program that sounds good but does and therefore costs as little as possible. But making it obvious that it doesn't do much compromises the "sounds good" requirement, so instead they make a bunch of complicated rules and barriers that keep the price tag low but in a way which is difficult to understand. Relatedly, the people administering the programs are often under orders to accept some particular number or proportion of claims, again for budgetary reasons, and then if there are too many they have to start fabricating barriers themselves.
The second is that there is no accountability mechanism. Some majority of voters support the idea of the program, but they've been assured that it was created and exists and have no idea what a mess it is, and only a small minority are recipients. So if things are unintentionally broken, they don't get fixed, because the majority isn't aware of the problem and that's the only thing that gets politicians to address it.
It's not because of politicians opposed to the program. If politicians opposed to the program have a controlling majority then they simply repeal it. It's the politicians who support the (pretense of) the program who screw it up.
This is one of the reasons why complicated systems with many overlapping benefits each with their own application process and phase out rates are so ineffective, and the better way to address this is with simple direct transfer payments like expanding the EITC or a negative income tax.
There's little political pressure to make it easier, and constant worries about "fraud" by claimants, or means-testing, which is turned into adding more and more fields to the form.
At the risk of accidentally demonizing the poor, I remember reading a think piece that could be summarized as “morals/ethics are a luxury only the rich can afford.” The gist is that if you can’t afford to quit your job on the spot and not worry about paying rent this month, you will always be victim to your boss’s unethical actions lowering your ethical standards.
As an engineer, I have frequently challenged myself to empathize with the VW emissions scandal engineers, who were pressured to meet unrealistic emissions and deadlines. The managers didn’t have to explicitly tell them to build emissions testing defectors — they came up with that as an engineering solution to the requirements they were given. I ask myself: at what point would you have quit, and hopefully told the authorities?
Also more recent example is the staff of the submarine that went down to the site of the Titanic and imploded. The CEO was apparently an unbelievable bully and took extraordinary risks, but the staff didn’t quit. One of them was a Scottish immigrant who moved his whole family to take the job. He was also worried about being blacklisted from the entire private sector submarine industry. There was a lot of friction to being able to exercise his highest ethical standards.
Thailand is more or less at war with Cambodian war lords, who have tens of thousands of poor English speakers from around the world living in captivity, their passports taken away, running long term scams over the internet. When they have no money and no power to run, is it fair to blame the low level scammers for having fallen for a job scam months or years ago?
The more financial pressure you are under, the more likely you are to tolerate an unethical environment.
mlinhares•4mo ago
Its sad that these scams are so widespread today that a heavy handed approach like this is necessary. Unfortunately doing these attacks is incredibly cheap :(
esafak•4mo ago
dlisboa•4mo ago
It’s also a different kind of enemy. The biggest crime organization in Brazil has switched their primary focus from drug running to financial scams. They invest millions and set up legitimate companies with hundreds of employees to facilitate these schemes.
xbar•4mo ago
1. Banks need to own the risk, not the customer 2. Banks need to spend to defend 3. Laws need to make organized fraud catastrophically criminal.
There is a reason Singapore does not have this problem.
oefrha•4mo ago
> It hit a record high last year, with $190.9 million stolen in such scams, more than five times the $36.9 million lost in 2019.
Can't find more recent concrete figures in a minute or two but their police are busting balls through international collaboration in 2025 so they must have a big problem still: https://therecord.media/asia-scam-center-takedowns-singapore...
I've seen bank defending people before with my own eyes. I was at a local branch doing some business and there was an old lady wanting to withdraw something like $50k to "pay a mortgage" or something, it was obvious she was scammed, the bank blocked her transaction and the teller was explaining to her she was scammed, and the old lady was shouting at the teller saying it was her money and they had no right to stop her. That's the thing, a lot of scam victims really don't believe they're scam victims until it's too late, and "it's their money, the bank has no right to stop them".
nmfisher•4mo ago
ifwinterco•4mo ago
Marsymars•4mo ago
They can certainly try. I’ve had a handful of legit fraud instances on my accounts, banks detecting before I do has been close to a coin flip. On the other hand, I’ve had at least an order of magnitude more false positive detections of fraud.
kattagarian•4mo ago
dkga•4mo ago
catlikesshrimp•4mo ago
The final solution was disabling the ATM network durimg night, except the ones located in safe places. Showing you are drawing money in a hurry in a lone hut in the night was a bad idea, anyways.
ryandrake•4mo ago
Unfortunately, whenever governments try to solve the wrench attack, they do so by removing the end user's control over their own stuff.
Marsymars•4mo ago
robocat•4mo ago
Why did they visit multiple ATMs?
teachrdan•4mo ago
throwaway2037•4mo ago
teachrdan•4mo ago
jajko•4mo ago
msm_•4mo ago
To be honest, in my country I can also transfer all my liquid money (not countings stocks etc) with just my phone. The difference is that i'm not afraid of being kidnapped (it's safe here). And anyway, how much does normal person hold in the cash account? People living month-to-month don't have much anyway, while people with savings usually keep them in stocks/bonds/etc.
israrkhan•4mo ago
duxup•4mo ago
crazybonkersai•4mo ago
IshKebab•4mo ago
tencentshill•4mo ago