I first wrote about a phishing attempt in Jan 2007. It was targetted at BPI Expressonline users.

Here are a few excerpts from that article followed by tips from BDO on how to protect yourself from Phishing.

What is Phishing?

In computing, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets. Phishing is typically carried out by email or instant messaging. (Source: Wikipedia)

My tips on how to spot a phishing attempt:

  • e-mail comes from a “stranger”, an un-familiar sender
  • It asks for sensitive information (e.g. username, password, credit card information)
  • It asks you to open a URL or file that is un-familiar to you (thus, NOT trustworthy, given the sensitive information it asks for).

What to do when you receive a phishing attempt:

  • Ignore. If you don’t give out sensitive info, you should be safe
  • Report. Gmail has a phishing report feature. This helps Netizens fight back against phishing.
  • Be vigilant, inform your friends and loved ones about this modus operandi.

I ended my article by advocating that banks should educate their customers on the risks of Phishing. A few weeks later, BPI came out with their security announcements.

Last week, I received this security bulletin from BDO (copied here verbatim for reference).

 “direct.marketing@bdo.com.ph” <direct.marketing@bdo.com.ph>    Feb 22
subject  BDO Internet Banking Security Bulletin – 03A667A00603

There are scams recently circulating through email that attempts to lure bank clients into giving out their internet banking id, password, bank account no., credit card account no., and other confidential information.

These email scams, also known as “Phishing”, are attempts designed to obtain sensitive banking information and other personal data from unsuspecting clients, with the objective of perpetuating fraud or theft.

The email messages usually contain links that, when clicked, may lead you to what appears to be your bank’s internet banking login page/website. Some links may generate a pop-up window requesting clients to enter confidential personal and financial information.

To protect yourself against these email scams, we urge you to be alert to any type of communication that solicits information about your account. Please be reminded that:

  • BDO will never contact clients by phone OR EMAILS to ask for confidential and sensitive information such as your internet banking Username and Password FOR EXAMPLE. Likewise, the Bank will never ask you to change your password through an email REQUEST. The Change of internet banking passwords should be done only after you have successfully logged on to the secure myBDO or FASTNet internet banking sites.

Please do not respond to emails requesting for the above information.

  • Do not click on any link provided by such emails. Make sure that YOU, PERSONALLY, type the website address (or URL) in the address bar of the browser to get to your desired website.

You may contact us through http:// www.bdo.com.ph or bank with us through https:// www.mybdo.com.ph (for BDO and converted EPCI account holders) or through https:// www.fastnet.com.ph (for unconverted EPCI account holders).

  • BDO’s myBDO Internet Banking and FASTNet official websites’ URL starts with — “https://” — the text “s” identifies the site to be a securely protected site. In contrast, “phished” websites are usually accessible with URLs starting with “http://” which are unsecured sites.

Make it a habit to check and view the “https://” in the URL whenever you access any internet banking website, to ensure that you are accessing a secure site.

  • For further inquiries, or if you suspect that you have received a fraudulent email or phone call, please immediately call our BDO Customer Contact Center at any of the following numbers:

Tel. No. : 631-8000
1-800-10-6318000
(Int’l. Access Code) + 800-8-6318000

  •  Also, please promptly forward any suspecting emails you receive to tngbgrms@bdo.com.ph for our investigation.

As a precautionary measure, we suggest that you change your internet banking Password immediately by logging on to https:// www.mybdo.com.ph (for BDO and converted EPCI account holders), or to https:// www.fastnet.com.ph (for unconverted EPCI account holders).

Remember that your best defense against fraud is to keep your personal and financial information confidential at all times.

Thank you for banking with BDO.

TOVI MENDOZA
Vice President
TBG-Retail Market Segment
BDO

ka edong
BPIBDOBOY

eOFW is not related in any way to the companies featured in our articles except otherwise specified. We feature different companies for the information of our readers to help them better find services that suit their needs.

No related posts.