Bank of the Philippine Islands (BPI) has released an advisory on how to identify and avoid the most common phishing scams.
The BPI report discusses cyber attacks using e-mails, voice mails, and social media to be avoided by people using the internet for online transactions.
Good News Pilipinas shares online safety tips shared by BPI Data Protection Officer Jonathan John B. Paz.
The BPI report cautions online users to secure themselves from the ever-evolving cyber attacks even with advanced features of smartphones and messaging apps.
The report also cites Internet security firm Kaspersky Lab reports that phishing attempts increased by 27.5% by the third quarter of 2018, recorded at 107,785,069. The financial segment bore the brunt of the attacks, with over a third aimed at banks, payment systems, and e-commerce organizations.
Paz, the BPI Data Protection Officer and Enterprise Information Security Officer, explains the common phishing scams and shares some tips to protect against such attacks.
“Often, a fraudulent e-mail will alert you to a problem that may be fixed if you ‘verified’ your information by clicking on a link, or ask you to support disaster relief efforts or even a political campaign by providing your information using a form embedded in the message,” Paz says.
Paz lists the 5 most common phishing schemes encountered by online users:
- SPEAR PHISHING – Social engineers target and focus on a specific individual or organization. They use information that is particular to the recipient, usually sourced from social media accounts, to appear legitimate and gain the person’s trust. Because these attacks are specific, their chances of success are generally high.
- MALVERTISING – Derived from “malicious” and “advertising”, social engineers create a malicious advertisement which aims to spread malware that would later on the damage the system. That way, social engineers can get access to sensitive information.
- WHALING SCAM – Impersonating the name of the CEO or company executive is another way for social engineers to steal information. They send out emails to its victims using the name of the CEO or executive to make it seem like a genuine request.
- VHISHING – Also known as voice phishing, social engineers use fake caller IDs and ask the victim to key in his or her personal information.
- SMISHING – Social engineers would usually send out text messages containing a phishing website link to many different numbers with hopes of victimizing as many as they can.
The BPI official identifies 3 ways to protect yourself against phishing:
- Make sure to double check e-mails from your bank and online sellers. “Banks will never e-mail to ask you to verify your personal information. If any action is requested by the bank through e-mail, you should contact the bank through their official channels,” Paz says.
- Paz also cautions against posting personal information and updates on social media. These may be used by scammers already in possession of your login credentials to steal your identity and pass security checks by your bank and credit card companies.
- “Leave out your birthday, contact details, and even vacations plans on social media,” he says.
Those who think of themselves as wise in the ways of fraudsters may grow lax and in the process become easier targets for scammers and phishers, Paz warns. It’s always good to pause and check for the telltale signs of phishing, like incorrectly spelled URLs in e-mail links and requests for personal data and confidential information.
And if you receive an e-mail from a source that you know but it looks suspicious—for instance, the e-mail was unsolicited, it contains grammatical errors, or it redirects you to another site—write that source with a new e-mail, instead of just hitting reply.
“Vigilance is key to protecting yourself from phishing,” BPI Vice President Jonathan John Paz says. “This way, we can stay a step ahead of scams and cyber-attacks.”
If you have a Filipino Pride story to share or you want us to cover, tag us on social media with #GoodNewsPilipinas
Like, Follow, Subscribe to GoodNewsPilipinas.com Facebook, Twitter, Instagram, Good News Pilipinas! TV on YouTube, new story notifications and e-mail newsletters for updates on more Filipino Pride stories.