As cybercriminals become more adept at phishing or stealing credentials to gain access to bank accounts, bank customers are urged to guard against new money transfer scams.
In support of the Bank Marketing Association of the Philippines (BMAP) #FightFraudTogether information campaign, Security Bank warned against phishing emails disguised as money transfer notifications from Instapay or Gcash or online banking emails.
“Scams like this work by telling customers that they have paid a certain amount to an entity. Those who are not aware of this scam are then led to click on the link provided to them and enter their confidential information. These links can direct you to a bogus banking website designed to steal data and money, ”Security Bank said.
When using a computer, the bank advised account holders to hover over the link or button for a preview of the actual URL provided in the email before clicking and continuing with a transaction.
Phishing is a type of social engineering attack. In most cases, a cybercriminal masquerades as a bank employee and emails customers about “issues” with their account.
Customers are then prompted to click on a link, taking them to a scam website where they can enter data such as account or credit card number, online banking details, and a one-time password ( OTP). This allows fraudsters to access their confidential information. Scammers then immediately change the password to take full control of the customer’s account and use it to perform illegal transactions, such as unauthorized fund transfers.
“What makes phishing so effective is that it easily tricks people into believing that the email they’ve received is from a legitimate source. Other subtypes of phishing include scams perpetrated by SMS (smishing) and phone calls (vishing), ”the bank said.
To avoid falling victim to scammers, the bank urged bank users to keep the following in mind:
– Never communicate your sensitive data to anyone. Your bank will never ask you for your OTP, CVC / CVV and PIN code by call, SMS or email. Do not share this sensitive information with anyone. Customers who initiate the call to the bank may be required to verify the information, but not the other way around.
– Examine the emails, texts or calls you receive. For example, are there grammatical errors? Are you being asked to click on a link? If the answer is yes to these questions, then a scammer is probably waiting to cheat on you.
-Check the claims. If you receive an email saying you’ve paid for something and need to complete the transaction, don’t click the link. Instead, check your bank account directly. Check your account to see if any money has been deducted. If your account balance hasn’t changed, this email is probably a scam.
-Know and follow your bank’s official channels like its website and Facebook page. Take note of the official customer service hotline numbers. If you receive a suspicious email, check its legitimacy through these official banking channels before clicking anything. A fake FB bank page or a phone number that does not belong to the bank is an automatic red flag.
In addition to knowing how to protect themselves, consumers are encouraged to report cybercriminals. Amid the ongoing mobility restrictions caused by the COVID-19 pandemic, more and more people rely heavily on digital transactions. This has spurred increased online usage and a growing preference for cashless payments. However, this has been accompanied by a growing number of cybercriminal incidents creating new ways to steal confidential data and take advantage of bank customers.
Subscribe to our regional newsletter
Disclaimer: Comments uploaded to this site do not necessarily represent or reflect the views of the management and owner of Cebudailynews. We reserve the right to exclude comments that we deem inconsistent with our editorial standards.