Email Fraud Prevention Tips

Hackers and fraudsters have gotten more difficult to spot these days. No one is spared from their schemes, not even the most tech-savvy among us. Anybody can fall prey to an email scam. In fact, even tech giants like Google and Facebook were scammed by Lithuanian hacker Evaldas Rimašauskas. How much was he able to steal? Over $123 million.

Fraudsters, in general, are able to get a person’s sensitive information, like their personal data or bank details, or may even get them to send money.

How to recognize fraudulent emails

1. Email address

Before clicking on any links or replying to a message, check the email header and the sender’s email address to see who the sender is. Read the address carefully as some fraudsters are known to impersonate legitimate companies like your bank, subscription network, or even the government. If there is something even vaguely off about the sender, or you don’t recognize it at all, delete the email right away.

2. Logo

Phishing emails are likely to contain the logo of the institution or company they are impersonating, though it may look a little different from the official logo. The fake one may seem a bit distorted, stretched, or smaller than the logo in an official email correspondence.

3. Email greeting

Phishing emails often have generic headers like “Dear Customer,” “Dear Valued Member,” or even “Dear Sir/Ma’am.” Some may not even have a header at all and just go straight to the body of the message. Legitimate emails will address you by name.

4. Spelling

Carefully go through the email for any spelling and grammar errors. Phishing emails will usually have at least one. You can also check the sender’s email address, as sometimes this is where the errors are hidden.

5. Links

Be wary of any links or attachments in the email. Never click on a link unless you recognize who the sender is. Phishing emails will often redirect you to a website that is a duplicate website of the company they are impersonating. They will then use the website to harvest your information by asking you to “log in.” You can check for the legitimacy of a link by hovering (not clicking) over it. If the address is familiar, you can go ahead and click it. Or better yet, type the address yourself in the address bar or search for the company website on your search engine.

6. Email Security Zone

Upon opening the email, look for the Email Security Zone where the sender’s email address and other details can be checked to verify the authenticity of the account. It has details that only you and your bank knows (like the last 4 digits of your card or account number).

Email fraud protection and prevention tips

• Make sure you allow your browser to block any pop-ups
• Regularly download any security patches and updates. Update your computer’s and phone’s system software as soon as it’s available. This ensures your device has the strongest protection possible and that any weaknesses spotted in previous versions of the system have been addressed
• Prevent unauthorized people from accessing your device by disabling “File and Printer Sharing” on your computer
• Always log out of your computer or switch it off when it’s not in use
• Create unique, strong passwords for each of your accounts. Make sure each password contains a combination of words, numbers, symbols, and both capital and lowercase letters
• Never post personal details, including your birth date, birthplace, mobile number, or address, on the internet
• Avoid using the same password for multiple accounts
• Never store your password list on your computer. Instead, invest in a password vault that keeps an encrypted copy of all your usernames and passwords
• Make sure you have a strong wireless security network password as well. Routers are not the most secure of devices, so hackers can easily get into your internet account. Change the default password of your router to a more secure one once you get the chance
• Use an encryption software to protect the data that’s on your device

Reporting suspicious emails

If you suspect you’ve been a victim of fraud, call us immediately and report the scam emails or email fraud incident to (02) 88-700-700 or 1-800-1888-5775. You can also email us at customercare@metrobank.com.ph using “Report on Possible Fraud” as the subject.

Help us #FightFraud

Metrobank takes banking fraud seriously. You can be part of the fight. Browse through our articles and learn more about how we can fight fraud together.