THE Bureau of Customs (BoC) has warned port users and other stakeholders against malicious e-mails that were purportedly coming from the agency.
Customs Commissioner Nicanor Faeldon, through the BoC’s Public Information and Assistance Division, issued the warning over the weekend after the bureau’s attention was called by some brokers and importers.
“They are spam or phishing emails. They did not come from us,” said the BoC’s information office.
Phishing is a form of identity theft in which fraudsters trick users into sending personal information to illegitimate websites. Phishing scams are usually in the form of spam or pop – ups and often difficult to check. Once the receiver’s personal information is obtained, fraudsters can use it for all types of identity theft, putting one’s reputation at risk.
At first glance, it looks like a communication from a trustworthy source and often trick readers to click on a malicious link. Phishing websites often display the entire look of a legitimate website, including logo, making it appear genuine.
More sophisticated emails install or execute hidden codes on the receiver’s computer once the email is opened.
The BoC called on the public to be particularly cautious of emails that come from unrecognizable, unknown or unreliable sources, which, it said, may be done by ensuring that the site has a lock icon or an “https:” in its address rather than just an “http:”
“Moreover, refrain from responding to emails urging the recipient to act urgently on request for personal or financial information, or asking for confirmation of such information over the internet, and on emails urging the recipient to act quickly on an alarming information,” it added.
The bureau also advised stakeholders to conduct orientation for all their employees, both IT and non – IT, to have an awareness on recognizing phishing attacks, to know the risk of phishing, and how to address them.
It pointed out that email addresses of government agencies normally carry the name of the office like email@example.com.
To ensure that the email is legitimate, the BoC said that the most prudent things to do are to call the sender and verify; maintain an up-to-date security patches for office systems; deploy an updated firewall, spam filter, anti-virus solution, and anti – spyware software; and encrypt all sensitive information of the company/organization.
WILLIAM B. DEPASUPIL