ALONG with the increase in digital financing transactions, there has been an increase in cyber scams targeting e-payment users. Scams that trick you into sharing personal information by phishing emails, SMShing text messages, vishing voice calls, spoofed or fake websites and SIM card upgrades by unauthorized telco agents. In most cases, the scammer poses as a representative of a financial institution, well-known company or telecommunications company, and requests your account information, passwords, one-time passwords, and other personal information. The scammer then uses this information to gain access to your account and make fraudulent transactions.
Other scammers trick you into sending money to accounts that appear valid for transactions that seem legitimate, such as online impostor scams, in which the scammer pretends to be a relative/financial institution representative, potential employer, charity organization, or romantic partner in order to obtain your account details and personal information or to request monetary support; and bogus online sellers, in which the scammer pretends to sell products and services.
Financial services companies, such as banks and fintechs, are particularly appealing targets due to the large amount of money available. People have been doing more online transactions since the pandemic hit, and cyber criminals are taking advantage of this. Scammers and fraudsters who have obtained someone's personal information are taking it a step further by attempting to obtain credit cards or take over bank accounts.
According to the Bangko Sentral ng Pilipinas (BSP), the most prevalent among the schemes employed are account take over and social engineering that involve phishing and its variations, which intends to manipulate customers into disclosing sensitive information necessary to execute unauthorized transactions.
In light of this, the BSP issued a memorandum on March 22, 2022, advising financial institutions to implement supplementary control measures to ensure a consistent and industry-wide approach in combating aggressive phishing campaigns, such as the removal of clickable links in emails or SMS sent to retail customers, followed by an information campaign informing customers that the financial institution will no longer be sending clickable links and the implementation of strong fraud surveillance.
delivered to your inbox
While it is the financial institution's responsibility to protect customers and assets, customers can also do some things on their own to add a layer of protection for themselves. Know and be wary of the warning signs of the different kinds of scams. Engage only with entity registered or supervised by government agencies, assess reviews from their past customers, verify the legitimacy and security of websites, apps or social media pages before making transactions, never share your account and personal details with anyone, use strong password and change them regularly, activate multifactor authentication in all your accounts, and follow your financial institution's security guidelines and safety reminders when making online transactions.
If you think you have given out information to a scammer, remember that your first report of a cyber scam or suspicious transaction should be to the financial institution that was spoofed. Call the company and send a letter to verify if such email request is real.
The Department of Finance (DoF) urges the public to stay cautious and avoid providing any personal information to these scammers. The DoF, along with the anti-cybercrime authorities and other relevant law enforcement agencies, are tracking down and prosecuting those behind these schemes. Any person found guilty of any of the mentioned fraud shall be punished under the Republic Act 10175.
For suspicious investment schemes, you may contact the Enforcement and Investor Protection Department of the Securities and Exchange Commission through e-mail at [email protected] or through landline at (02) 8818-6337.
For malicious messages, lodge reports to the National Bureau of Investigation (NBI) Anti-Fraud Division at (02) 8525-4093 or e-mail at [email protected] You may also send a message through the NBI's website at www.nbi.gov.ph or their official Facebook account. You may also report these incidents to the Philippine National Police Anti-Crime Group through www.pnpacg.ph or hotline number at (02) 8723-0401 local 5313.
Nowadays, these fraud attempts are unlikely to abate anytime soon as there will be a permanent shift toward more digital transactions in businesses, which means cybercriminals will continue their attacks.
Audrey Demika Paulene Ponce is a Polytechnic University of the Philippines alumna and is working as a compliance analyst in First Circle, an award-winning financial technology company that has been supporting small and medium enterprises since 2016. This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. If you have any question or comment regarding this article, you may email the author at [email protected]