Here’s how to spot, avoid phishing – Bangko Sentral ng Pilipinas
MANILA, Philippines — With incidents of unauthorized transactions in some teachers’ bank accounts, how can users ensure they would not fall victim to a phishing scam?
According to a primer of the Bangko Sentral ng Pilipinas (BSP), phishing happens when unexpected or suspicious emails ask for personal information, details of bank account or credit card, or passwords.
Scammers gain access to these sensitive pieces of information when the bank clients click a link to a usually fake or spoofed website, which often looks very similar to the real webpage.
The BSP said there are four variations of phishing: spear, pharming, vishing and smishing.
Spear phishing is targeted attacks on specific individuals or companies while pharming redirects a user to a fake website where personal or account information would be stolen.
Article continues after this advertisementVishing happens when the clients receive voice calls, automated recording, or voice-over-internet protocol from someone who is pretending to be an employee of the bank or a company well known to the target to obtain information or account details.
Article continues after this advertisementSmishing has the same modus operandi as phishing but instead of email, it uses text or short message services (SMS) on mobile devices such as mobile phones.
According to a BSP module on fraud and scam prevention, things to look out for in a phishing email include: generic greeting, misspellings and sometimes wrong grammar, a link to a spoofed website and an urgent message persuading the recipients to update their account immediately.
Gadget security
To avoid phishing, the BSP said users must not provide personal information, account details or passwords especially via emails.
“Your banks or financial institutions will never ask for such information through email. Do not click links or attachments in these emails,” it said.
If the bank clients receive an email, they should call the financial institution to verify if the email was legitimate, and then ask if the bank sent the particular email.
Bank clients are also encouraged to update their gadgets’ security and antivirus features and upgrade their operating system and applications.
They must also download only the legitimate banking apps and online shopping apps and avoid downloading or installing suspicious software. In short, they should avoid installing apps they are not familiar with. To ensure the security of their connectivity, users must avoid using public computers and free Wi-Fi connections.
When doing online transactions, the BSP said the clients must ensure that the website is secure and legitimate, clear the browsing history or cache regularly and disable plug-ins and the “save passwords” feature.
Activating a two-step verification process such as the one-time password protocol or multifactor authentication would increase protection, as well as enabling text or email alerts for any activity in their accounts.
Reminders
From an initial 11 cases of unauthorized transactions in their Land Bank of the Philippines payroll account, the number of teachers and staff of the Department of Education (DepEd) who reported their concern has gone up to 26, according to Teachers’ Dignity Coalition (TDC) chair Benjo Basas.
One teacher reported losing up to P292,000 of savings, Basas said. The TDC chair noted that a labor lawyer has committed to assist the teachers in forwarding their complaints to the concerned government agencies.
Education Undersecretary Revsee Escobedo said DepEd was coordinating with the state-run bank for the investigation of the unauthorized withdrawals in the payroll accounts.
“[DepEd] is also preparing on providing tips/reminders to avoid online scams (i.e. phishing), so our teachers/employees will not be victims of unauthorized access and data/info theft,” Education Undersecretary Annalyn Sevilla said.
Some teachers and DepEd employees have disputed the assessment of Landbank that their devices were compromised due to the phishing scam.
Justice Secretary Menardo Guevarra has also directed the National Bureau of Investigation to submit a progress report within 30 days.
Meanwhile, the BSP said that if the victims are not satisfied with Landbank’s action, they could bring the matter to the central bank.