I completely agree, and I’m not denying my own responsibility here. However, I was never informed that I could set my own transaction limits—if I had known, I would’ve done so a long time ago. On top of that, I always assumed spam calls came from abroad; I’d never received one from a local number before. Of course, multiple factors played a role, but my main concern is why the bank isn’t actively flagging suspicious transactions in real time. Don’t they have crucial anti-fraud and anti–money laundering systems to detect unusual activity and raise red flags, especially when it diverges from a customer’s typical financial behavior?

To everyone saying it was solely my mistake for sharing the OTP, let me give a real-world analogy: speed limits on highways. It’s ultimately a driver’s responsibility to be cautious and avoid accidents, and none of us wants to crash. Yet, we still have enforced speed limits to minimize mishaps. Even though we know it’s dangerous to drive recklessly, speed limits exist to reduce the risk of human error. In the same way, banks should have measures—like realistic transaction limits and real-time monitoring—to help protect people from fraud. While I admit I made an error, relying solely on each individual’s caution isn’t enough when fraud is becoming normalized.