BDO Unibank said there are scams now circulating through email which attempt to lure bank clients into giving out their internet banking ID, password, bank account number, credit card account number, and other confidential information.
Known as “phishing”, these email scams are designed to obtain sensitive banking information and other personal data from unsuspecting clients, with the objective of committing fraud or theft.
The email messages usually contain links that, when clicked, may lead clients to what appears to be their bank’s Internet banking login page/website. Some links may generate a pop-up window requesting clients to enter confidential personal and financial information.
BDO is taking extra measures to thwart if not minimize the impact of the said fraudulent activity such as monitoring the Internet for the phony messages and sites, and implementing additional authentication procedures.
Tomas Victor Mendoza, senior vice president of BDO transaction banking group, said the bank has already taken actions but would like to remind the clients to exercise caution in providing personal and financial information on suspicious sites and to check for signs of fraud.
“We urge our clients and the public to be vigilant when banking online to prevent their critical information or their funds from being compromised,” Mendoza said.
He added, “To protect the clients against these email scams, we advise them to be alert to any type of communication that solicits information about their account.”
Following these reminders would be useful:
• BDO will never contact clients by phone or emails to ask for confidential and sensitive information such as Internet banking Username, Password or One-Time Password.
• Likewise, the Bank will never ask clients to change their password through an email request. The change of Internet banking passwords should be done only after they have successfully logged on to the secure BDO online banking sites. Please do not respond to emails requesting for the above information.
• Watch out for URL redirects where the objective is to divert clients to a different website with identical design.
• Do not click on any link provided by such emails. Make sure to personally type the website address (or URL) in the address bar of the browser to get the desired website.
• If clients suspect that an email they have received is an attempt to phishing, please report immediately by forwarding the said email to ReportPhishing@bdo.com.ph and if clients think they may have responded to a suspicious e-mail, change their password as soon as possible by logging in to BDO Personal Online Banking.
Mendoza underscored that the clients’ best defense against fraud is to keep their personal and financial information confidential at all times.