The Bangko Sentral ng Pilipinas (BSP) has issued an advisory to the public pertaining to phishing scams.
Phishing is a form of identity theft whereby someone steals or uses personal or sensitive information of another person without his/her knowledge or permission, through hacking into one’s personal account, hijacking one’s data and taking over one’s online identity, to commit fraudulent acts/crimes, or conduct unauthorized business.
Once the scammers have your information, it becomes possible for them to withdraw money or purchase items under your name, open a new bank or credit card account, use your present account to illegally deal with other people, or encash checks on your behalf.
Scammers may also install computer viruses and worms or embed them in your e-mail and disseminate more phishing e-mails to other people.
These fraudsters usually send an e-mail with a generic greeting, such as “Dear Customer” or “To Our Valued Client” with an urgent message or content containing a threat such as “Verify your account”, “Update your account”, or “Failure to do so will result in account suspension.”
The message is usually accompanied by a link that, when clicked, leads to a spoofed or fake website which asks you to input your personal and financial information such as User IDs, passwords and account and personal identification numbers.
Scammers may use official-looking logos and other identifying information from a financial institution or other legitimate organization.
Phishing may be done in various methods other than e-mail, such as text messages, chat rooms, electronic fake banner advertisements or message boards, fake mailing lists, fake job search sites and job offers, and fake browser toolbars.
To avoid being victimized by Phishing scams, do not reply to suspicious e-mails. Ignore and delete the message. Do not click any link in a suspicious message. Do not give personal and financial information requested through e-mail.
Instead, call your bank and send a letter to verify if such e-mail request is real. If you think you have given out information to a phisher, report the incident immediately to the company that was spoofed.
