Wednesday, September 19, 2018

#makeITsafePH: Phishing on Bank Accounts

I know this topic has been talked about for many times and ages BUT still, scammers evolved and still on the move to phish out not only our identity but also our hard earned money. Old news but still very rampant.

Before I start my sharing, let me tell this first. #makeITsafePH is a campaign initiated by Globe Telecoms to educate us internet and Information Technology (IT) users about cybersecurity and cyberwellness to avoid becoming a victim to online treats and crimes. I admit I’m no expert but I do hope that this story and upcoming ones will help you to be cyberaware.

Many months ago, or is it been a year (?), many banks asked all their clients to report back to their mother branch (the branch where we opened your bank account) to update our personal information. Of course, our work also coincides with the banking hours thus many had a hard time to do this. So what the scammers did was to ask ALL personal and private information including the login names and passwords thru email. What amazed me most is that I received emails from this scammers using the (name of) banks which I have an account to. I did not ever received a email from banks on which I don’t have an account. So my first question was: how did they know that I have an account on that bank?

photo from Bank of Philippine Islands thru Google search


Here are some signs to look for to determine a phishing scam email:

First, the email address “from” is not an official email address of your bank.

Let’s say for example that the official email of the bank is “customerservice@bankofrice.com”. for sure, the phishing scam email will never be the same BUT it might look like the same. Example, if that’s the official email, the phishing email might be “customerservicerep@bankofrice.com” or “noreply. customerservice@bankofrice.com”. Letter by letter and word by word it is not the same BUT on first glance it looks the same. 

Second and the most notorious one, the email contains a link.

When you read the email, it will ask you to click that link. That link mostly is on blue letter/phrase that says “update account here” or any similar phrase that have the same meaning. Some scam email I received even had two to three links, making sure that you will be enticed to click it. Kung sa tagalong pa “sigurista talaga” na nabasa mo at mag click ka.

If you received an email with a LINK don’t click IT pls. it will start the phishing process if you do.

Lastly, check the body of the letter.

Most of the time, the body of the letter gives you the command to do all this written. Others, it plants fear on your spine that your money will be gone if you did not follow the set of instructions. Phrases like "your account has been locked" or "suspicious activity" or "verify your account here" or words like "suspended" or  "frozen"  then followed by "click the link to unlock" are sure signs of phishing. 

For sure, as I said on the intro, scammers do evolved, so I guess, in the near future, they will change their MO (modus operandi). So what to do if this happened to you?

First, stay calm. As for me, I do nothing. I don’t click the link, I just mark it as “read” then the next time I visit my mother branch, I report it to the customer representative in person.

Second, visit your bank to verify that if you really need to update your account details. Specially if you receive emails many times in a week (persistent emailing).

Update your account in person NOT THRU EMAIL. While you are there, share to them the email that you received. They have a unit that chase these scammers. Yes you might lose a day’s worth of salary just to be absent for a day just to visit the bank. It’s better this way that to lose all your savings up to the last centavo from these scammers.

Here a true to life experience from a friend. She wrote this thru facebook status.

She received numerous emails for so called her bank. At first, she did not minded it for she is sure that it’s a scam. But since it’s a persistent emailing, she then click the bait link. And the pandora’s box went loose and lost her hard earned savings including their family budget (she is a breadwinner). The amount is four digit figure. It might be small to other standards BUT if you are the breadwinner and that amount is your family budget for the next days/weeks before the next salary, definitely, it is a HUGE amount of lost. Good thing her good friend is also a bank employee and told her what to do to get her money back. 

So please, do remember, never ever make some updates and verification of bank accounts thru mail, email, call and text, not even on meet ups outside your bank. Verify and update ONLY thru your branch of account.