The Bangko Sentral ng Pilipinas (BSP) issued a public advisory on Monday, warning financial consumers to be cautious of scammers who hack their way into getting personal information for the purposes of accessing one’s bank accounts.
Phishing, as broadly termed, is a form of identity theft, whereby someone steals or uses personal or sensitive information of another person without his or her knowledge or permission. This is done through hacking into one’s personal account, hijacking one’s data and taking over one’s online identity to commit fraudulent acts or conduct unauthorized business.
“Once the scammers have your information, it becomes possible for them to withdraw money of purchase items under your name, open a new bank or credit-card account, use your present account to illegally deal with other people or encash checks on your behalf,” the BSP warned.
These scams are usually propagated through computer viruses or are embedded in e-mails.
According to the BSP, the fraudsters usually send an e-mail with a generic greeting, such as “Dear Customer” or “To Our Valued Client,” with a message asking the recipient of the e-mail to verify or update one’s account, which, if not done, will result in account suspension.
“This message is usually accompanied by a link that, when clicked, leads to a spoofed or fake web site, which asks you to input your personal and financial information, such as user IDs, passwords and account and personal identification numbers,” the BSP said.
These people usually disguise their fraudulent activities through the use of official-looking logos or other identifying information from financial institutions or other legitimate organization.
Apart from e-mails, phishing may also be done in text messaging, chat rooms, electronic fake banner ads, fake mailing lists and fake job-search sites, among others.
As such, the BSP said that the proper way to deal with these is to not reply to suspicious e-mails.
“Ignore and delete the message. Do not click any link in a suspicious message. Do not give personal and financial information requested through e-mail,” the BSP said.
“Instead, call your bank and verify if such e-mail request is real. If you think you have given out information to a phisher, report the incident immediately to the company that was spoofed,” the BSP said.