DAVAO CITY— Ian, a 36-year-old government employee was resting in his house when he answered a call. It was a bank offering him redemption of his credit card points which amounted to 100,000 points that is convertible to an equal amount in pesos.
“Para talaga silang totoo, parang boses nila and dialogue yung sa customer service ng banko, and nung sinabi na convertible to cash yung points and ganun kalaki naganahan talaga ako, imagine may grasya na darating sa yo.” Ian said.
(They sounded authentic, the voice, the dialogue is like those of the customer service in the banks. When they said that my points are convertible to cash and it was big, I was really enticed, imagine a blessing that big coming to you).
However, he sensed something fishy when the caller asked for his card verification value or CVV.
“Nagsuspetsa na ako (I was suspicious) and confirmed scam na when they asked for my CVV describing it as a batch number in the processing of my application, I just hung up the call,” Ian recalls.
“Wag na wag i-share” (never ever share it)
A bank official has again reiterated to the public not to give away or reveal to other persons their bank details such as their PIN (Personal Identification Number) , OTP (One Time Password) or the credit card CVV.
“Parang susi ng bahay niyo yan, dapat hindi mo shine-share yan. Sa yo lang yan,” says Roy Villareal, Banco de Oro head of Digital Banking, replying to queries of local media on cases of online accounts hacking.
(it is like the keys to your house, you never share it, that is yours.)
He says they are consistent in sending out communication through emails or viber messages reminding their clients not to share or divulge their PIN, OTP or click suspicious online links when using their cellphones or computers.
“Huwag na huwag kayo mag click. Wala kaming pinapadala sa customer namin. As in wala. Zero. We stopped that practice a long time ago,” Villareal said.
(Do not ever click, we do not send links to our customers. Nothing, zero. We stopped that practice a long time ago.)
He said that fraudsters and threat actors will exploit those clicking links that is why they discontinued that practice.
For legitimate and secure transactions Villareal advised clients to visit their official website or download the app on their phones.
“And lastly, we will never call you, the scams happening now are becoming sophisticated, they act like agents, they call. But we will never call you to offer you something like redemption, rewards, etcetera,” Villareal said.
He said the effort to inform the public is a continuous education process as the threat is evolving and becoming more sophisticated.
Based on data from the Bangko Sentral ng Pilipinas, 59.48% of cyber fraud losses were due to account takeover, identity theft, and phishing attacks. In 2024 financial institutions supervised by the BSP lost P5.82 billion from cyberattacks. Phishing and card-not-present scams were noted as one of the prominent attacks.
Phishing is the use of fraudulent e-mails, text messages or websites to steal user data such as credit card numbers and login credentials. Card-not-present scam refers to a modus where the physical credit card is not needed to complete a transaction.
The BSP noted the increasing use of artificial intelligence to create more convincing emails or communications in luring unsuspecting persons to share their bank or credit card details.
The BSP has a platform where the public can report incidents of such hacking or cyberattacks on their financial transactions. Their BOB (BSP Online Buddy) located at the bottom left portion of their website (www.bsp.gov.ph) is a platform where the public can lodge their complaints. (PIA/RGA)
