As the pandemic continues to pressure us to stay indoors, we find ourselves downloading mobile banking applications and opting for online transactions to fulfill our daily transactions.
With all their layers of security, these apps seem pretty dependable at first. That is, until scammers use these very defenses to get our private information and scam us out of our own money overnight.
And trust us when we say that these scammers are getting smarter. Not only are they starting to exploit foolproof security steps and use any possible channel to reach people, but they’re also starting to target the tech-savvy market: the millennials of the world.
Learn about these new tricks that became (in)famous since the pandemic started to see if you’re at risk.
Bogus e-mail sent to BDO customers
If you have an account under BDO you might have received an e-mail asking you to update your bank details for a “routine check.” The e-mail will probably pass off as a legitimate notice from BDO too, a stunt generally known as “brand spoofing.” However, to ask for your private data only through e-mail should be a red flag from the get-go.
While this ploy has been around even before COVID-19 hit, customers still fall for this today due to being too concerned about their account maintenance. You can learn about the telltale signs of phishing by watching this educational video by BDO:
BPI’s SMS dissemination system hijacked
This ruse is a bit more deceptive because the messages can actually come from BPI’s official number. Nope, it isn’t just a stranger’s number using BPI’s name, but the actual hotline through which the bank sends official transaction receipts.
To make matters more complicated, they also employ voice recording technology to use your speech as activation codes in order to fulfill transactions on your behalf.
Aside from the glaring red flag that something out of the ordinary has happened, how these scammers accessed the bank’s official number still escapes the rest of us.
Twitter CS pretending to represent GCash
From e-mails, to SMS, and now to social media — these scammers are really putting in the hours just to extort vital information from customers who just want to transact conveniently. Take this fake GCash customer service account on Twitter (@gcashofficiales) for example:
Fortunately, the captured conversation failed on its goal to get private details and the account has been suspended since. This entire exchange, however, is a strong enough proof that these fraudsters can take on any shape and appear in any platform.
Smarter ways to beat smarter scammers
If they’re upping the ante of their schemes, then we should raise better defenses too. Aside from the usual measures that banks give out, how can we better shield ourselves from shady scams?
Look behind the curtain
Information about hyperlinks, domain names, and website owners aren’t readily seen, but trust us, they’re there. So how can you confirm these sites?
You can hover over a link provided in a seemingly fake e-mail to see if it matches the bank’s exact web address. Most reliable websites also start with an “https://”
on their web address. You can also dig for data such as domain age, owner, and certification using domain trackers online.
Stay buddies with your host bank
To be fair, banks may use regular SMS numbers for convenience, so dismissing unofficial hotlines as scams might be rash. Instead, familiarize yourself with your host bank’s official hotline, as well as keep ties with the bank manager or director.
And just to reiterate, remember that absolutely no one from your bank’s head office would want your private details for “routine checks.” Believe us that they have bigger things to deal with.
When in doubt, rat them out
The rule of thumb is to just ignore anything that happens out of the ordinary. Sometimes, though, you just want to outsmart these scammers and try to put an end to their schemes. So how do you build your case?
Simple: just document everything. When they send e-mails, run a background check, and list down every detail you can scrape off the e-mail address or website. When they try to call, instead of responding, ask questions yourself and record their voices; you can even try to demand a video call so you can screenshot their faces. These help your report to the authorities or to your bank much more legitimate.
As long as life stays tough, these scammers will find their way. Keeping your ears up, your eyes open will go a long way towards keeping your e-wallets intact.