DON’T BITE THE HOOK OF ANY ‘PHISHING’ ACTIVITY
BPI encourages its clients to be more vigilant to avoid falling victim to unscrupulous schemes
You may not be familiar with the term “phishing,” but chances are you’ve found yourself on the short end of the stick on this foul scheme at one point or another.
Remember all those shady emails urging you to “verify” or “update” your account to prevent it from being deactivated; or those text messages warning you about a suspicious activity on your account, asking you to click on an embedded link to update or secure your account?
Or how about that unscrupulous call you get from an unknown caller, claiming to be a representative of a bank, prompting you to disclose confidential account details like an OTP (one-time password) for verification or updating?
Those, ladies and gentlemen, are classic examples of phishing. One can hope you haven’t fallen for any of these tricks, because it could only mean a huge headache and a lot of heartache later on.
Phishing is an attack method that has been around since the mid1990s. The ruse and machination to take advantage of individuals may have changed, but the scheme continues to this day in abundance.
Today, there’s something that’s called “spear phishing,” a common type of cyber-attack in which attackers take a narrow focus and craft detailed, targeted email messages to a specific recipient or group. There’s “smishing,” a combination of “SMS” (or text messaging) and phishing, where cybercriminals seek to trick the recipients into opening malware-laden email attachment or clicking on a malicious link.
Then there’s “vishing” (voice or VoIP phishing), which is an electronic fraud tactic wherein individuals are tricked into revealing critical financial or personal information to unauthorized entities. A vishing attack is conducted by voice email, VoIP (voice over IP), landline, or cellular phone.
However creative the phishers may get, BPI advises its clients to never engage with any suspicious email, text, or calls. Never give out your log-in credentials, bank account information, or security information such as the One-Time PIN (OTP). BPI or any of the banks would never ask for any of these sensitive information. So, if someone did ask any of these, take it as a red flag right away.
To make sure you don’t fall for any of these tricks, do not click on any suspicious links or images sent via email; do not even hit the “unsubscribe” button in any suspicious email (just delete them and block the sender). Do not give out sensitive info such as birthdays, mother’s maiden names, or pin codes.
Should you, unfortunately, fall victim to any phishing activity, report it to your bank right away.
While BPI continuously innovates its services and processes to help make online banking safer and more secure, it’s important for individuals to do their part as well.
Cybersecurity, after all, is a shared responsibility.