Scammers posing as Maxis mobile agents are calling up people to trick them to give away their TAC/OTP number. The TAC/OTP number is used to login into Maxis portal. The scammers will call up the victim and then tell the victim that they have won some prizes from Maxis and they need to provide the TAC/OTP sent out to the victim's SMS number to claim the prize. The prize offered was a RM500 Aeon gift voucher. The profile picture of the scammer was a Maxis logo to make the call seem genuine (Whatsapp call) and coming from Maxis. The scammer spoke in Malay and his voice had a tint of Indonesian accent is highly suspicious.
Maxis mobile portal signing just require phone number and the TAC/OTP from the particular mobile number. So far the motive of the scammers is not known but I'm guessing it's used to buy things at Maxis store (phones) and then delivered to another location all at the expense of the mobile number owner (aka victim). It's also possible that the scammer will buy prepaid credits from the Maxis portal, also at the expense of the mobile number owner.
The Maxis team seems to be aware of the scam, hopefully more secure measures can be implemented by Maxis to prevent these scammers from scamming victims.
I checked the scam groups for similar cases and found there's also a few variations of this scam, for some of the cases, the initial contact point will be from a Whatsapp message instead of a caller. The scammers even forward pictures of their (fake) employee card to proof legitimacy.
The modus operandi of the scammers are very similar to Airasia BigPay wallet phishing scammers in the past years. I wrote a post about the BigPay wallet scam here. Bigpay wallet phishing scams have reduced a lot after Bigpay declare war on scams and further improved their security procedures and infrastructure. This mobile phishing scam can happen to other telcos like Celcom so it's best for the public to be aware of the scam.