How to fend off phishing attacks
Everyday, millions of people all over the world lose their money after succumbing to cyberattacks. According to a report by RiskIQ, a US-based cybersecurity company, online fraudsters stole $2.9 million every minute from global economies throughout 2018 – equivalent to a whopping $1.5 trillion in total.
Phishing is one of the most prevalent cyberattacks. It is an example of social engineering, a technique being employed to deceive internet users, including bank account holders. “Phishing is a fraudulent practice that induces individuals to reveal their sensitive, personal information such as usernames, passwords, credit card details, by disguising as a reputable company in an electronic communication,” said Edwin Reyes, executive vice president and Transaction Banking head of BDO Unibank Inc.
“These emails or text messages frequently use threats or scare tactics to get recipients to click on a link to a fake website, which look almost identical to the legitimate website of the firm it’s disguised as. Here, recipients are asked to enter their personal information which fraudsters steal and later on, use to access their bank accounts,” Reyes said.
Con e-mail
It’s likely that you have already received a suspicious email. Global anti-phishing company Valimail estimates that at least 3.4 billion fake emails are sent out to millions of private and corporate email accounts around the world everyday.
Fraudsters do not discriminate against age, gender, profession, religious beliefs, nationality, or income-bracket. Everybody is a target.
In the US alone, the world’s largest economy, the US Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) reported that over $48 million was lost from phishing attacks last year. Worst, more than $1.2 billion was stolen via business email compromise (BEC) and email account compromise (EAC) both types of phishing attacks.
Most recently, the server of US-based bank Capital One has been hacked. The personal information of more than 100 million individuals in the US and Canada has been stolen in one of the largest data thefts from a bank.
In the Philippines, many have already been victimized, losing much of their hardearned savings. To combat fraudsters and protect Filipinos from phishing attacks, the Bangko Sentral ng Pilipinas (BSP), local banks, and other financial institutions have joined forces to put measures in place – from BSP mandating all banks to migrate from magnetic stripe to EMV chip card technology, to banks investing in more sophisticated cybersecurity software to keep their clients’ money safer.
Beat the trap
Despite the industry’s valiant efforts, fraudsters, unfortunately, still manage to stay a step ahead. But this shouldn’t strike fear or prevent us from living our best lives. “We are not allowing phishers to win. Through our anti-fraud awareness campaign, we are empowering our clients with information to help keep them be alert and vigilant against phishing attacks. Consumer education is key. This is our advocacy and commitment to our clients,” Reyes said.
The BDO executive admits, however, that the public and private sectors cannot beat phishers on their own since they cannot access bank accounts without clients’ authorization. Only clients should have access to their accounts. The bank reminds account holders never to give away their personal, confidential information to anyone as this can be used to open their account and make authorized transactions.
“Remember, banks will never ask for your personal, confidential information. The moment you get prompted to provide this – that’s how you know you are under attack by a phisher,” Reyes said.