Here’s how to spot, avoid phishing – BSP | Inquirer News
Close  
4 VARIATIONS: SPEAR, PHARMING, VISHING, SMISHING

Here’s how to spot, avoid phishing – Bangko Sentral ng Pilipinas

/ 04:59 AM January 31, 2022
TELLTALE SIGNS OF FRAUD

TELLTALE SIGNS OF FRAUD The central bank says phishing emails are made to look legitimate but often contain generic greeting, grammatical errors, sense of urgency and no verifiable contact details of the sender. —SCREENGRAB FROM BANGKO SENTRAL NG PILIPINAS

MANILA, Philippines — With incidents of unauthorized transactions in some teachers’ bank accounts, how can users ensure they would not fall victim to a phishing scam?

According to a primer of the Bangko Sentral ng Pilipinas (BSP), phishing happens when unexpected or suspicious emails ask for personal information, details of bank account or credit card, or passwords.

ADVERTISEMENT

Scammers gain access to these sensitive pieces of information when the bank clients click a link to a usually fake or spoofed website, which often looks very similar to the real webpage.

The BSP said there are four variations of phishing: spear, pharming, vishing and smishing.

FEATURED STORIES

Spear phishing is targeted attacks on specific individuals or companies while pharming redirects a user to a fake website where personal or account information would be stolen.

Vishing happens when the clients receive voice calls, automated recording, or voice-over-internet protocol from someone who is pretending to be an employee of the bank or a company well known to the target to obtain information or account details.

Smishing has the same modus operandi as phishing but instead of email, it uses text or short message services (SMS) on mobile devices such as mobile phones.

According to a BSP module on fraud and scam prevention, things to look out for in a phishing email include: generic greeting, misspellings and sometimes wrong grammar, a link to a spoofed website and an urgent message persuading the recipients to update their account immediately.

Gadget security

To avoid phishing, the BSP said users must not provide personal information, account details or passwords especially via emails.

“Your banks or financial institutions will never ask for such information through email. Do not click links or attachments in these emails,” it said.

If the bank clients receive an email, they should call the financial institution to verify if the email was legitimate, and then ask if the bank sent the particular email.

ADVERTISEMENT

Bank clients are also encouraged to update their gadgets’ security and antivirus features and upgrade their operating system and applications.

They must also download only the legitimate banking apps and online shopping apps and avoid downloading or installing suspicious software. In short, they should avoid installing apps they are not familiar with. To ensure the security of their connectivity, users must avoid using public computers and free Wi-Fi connections.

When doing online transactions, the BSP said the clients must ensure that the website is secure and legitimate, clear the browsing history or cache regularly and disable plug-ins and the “save passwords” feature.

Activating a two-step verification process such as the one-time password protocol or multifactor authentication would increase protection, as well as enabling text or email alerts for any activity in their accounts.

Reminders

From an initial 11 cases of unauthorized transactions in their Land Bank of the Philippines payroll account, the number of teachers and staff of the Department of Education (DepEd) who reported their concern has gone up to 26, according to Teachers’ Dignity Coalition (TDC) chair Benjo Basas.

One teacher reported losing up to P292,000 of savings, Basas said. The TDC chair noted that a labor lawyer has committed to assist the teachers in forwarding their complaints to the concerned government agencies.

Education Undersecretary Revsee Escobedo said DepEd was coordinating with the state-run bank for the investigation of the unauthorized withdrawals in the payroll accounts.

“[DepEd] is also preparing on providing tips/reminders to avoid online scams (i.e. phishing), so our teachers/employees will not be victims of unauthorized access and data/info theft,” Education Undersecretary Annalyn Sevilla said.

Some teachers and DepEd employees have disputed the assessment of Landbank that their devices were compromised due to the phishing scam.

Justice Secretary Menardo Guevarra has also directed the National Bureau of Investigation to submit a progress report within 30 days.

Meanwhile, the BSP said that if the victims are not satisfied with Landbank’s action, they could bring the matter to the central bank.

Read Next
Don't miss out on the latest news and information.

Subscribe to INQUIRER PLUS to get access to The Philippine Daily Inquirer & other 70+ titles, share up to 5 gadgets, listen to the news, download as early as 4am & share articles on social media. Call 896 6000.

TAGS: Bangko Sentral ng Pilipinas, BSP, phishing
For feedback, complaints, or inquiries, contact us.

News that matters

By providing an email address. I agree to the Terms of Use and
acknowledge that I have read the Privacy Policy.



© Copyright 1997-2022 INQUIRER.net | All Rights Reserved

We use cookies to ensure you get the best experience on our website. By continuing, you are agreeing to our use of cookies. To find out more, please click this link.