Two major banking firms recently cautioned their clients against dubious emails and text messages seeking their personal information.
In an advisory last March 4, BDO Unibank said that it received reports of scam text messages and emails that send a supposed link of the banking firm’s supposed online login page, prompting their clients to send their account details.
“BE SMARTER THAN A SCAMMER. Do not enter your username and password. We will never send you links to our login page and ask for your account details,” read the advisory.
“Remember, the “https://” in the url and the padlock icon don’t make a website legitimate. Real BDO web page address have ‘.bdo.com.ph’. Always look for the dot at the start. For example: online.bdo.com.ph, not onlinebdo.com.ph,” it added.
BDO also attached a graphic of the interface of the official BDO Digital Banking login page and the URL.
The bank then urged its clients to report to them any similar suspicious schemes and web pages.
Prior to this, last December, BDO also warned the public against scammers using fake emails addresses to acquire account information.
“Scammers send emails using different banks’ names and logos to collect account usernames and passwords,” the bank said before.
Similarly, in an advisory on Wednesday, the Bank of the Philippine Islands said it received reports of emails that send suspicious links where interbank fund transfers can supposedly be canceled.
“#BPIcybersecuriTips: Nakatanggap ka ba ng email na diumano’y interbank funds transfer na pwede mong i-cancel sa pamamagitan ng isang link? Isa itong bagong istilo ng mga scammer,” read the advisory.
“Ugaliing basahing mabuti ang bawat email. Tandaan na kailanman ay hindi magpapadala ng email o SMS ang bangko para mag-cancel ng anumang transaction sa pamamagitan ng isang link,” it added.
BPI also attached an infographic telling their clientele that the bank never sends links via emails for canceling fund transfers.
“We will never send an email with an embedded link to cancel an Instapay or any transaction. Do not readily believe an email using a bank’s name and logo. Always verify first if it is legitimate. Never click links embedded in emails claiming you can cancel a transaction. These are phishing links,” it said.
A study by a cybersecurity firm previously reported a rise of cyber threats among businesses during the coronavirus pandemic, citing phishing and email breaches.
In the report by Fortinet, more than half of their participants or 60% of organizations saw an increase in attempted cybersecurity breaches and the other 34% have actually become victims.
The firm attributed the rise of cybersecurity threats to the reliance on personal device usage when most businesses shifted or adjusted to work-from-home arrangements.