We cannot stress enough the importance of financial education to avoid becoming a victim of scams.
Being financially smart means that you know how to avoid falling into one of the many phishing scams that are now becoming widespread. As noted from “Cybercrime in the Time of Corona: PH Cybercrime Trends during the Covid-19 Pandemic” hosted by the Department of Justice - Office of Cybercrime, phishing cases reported to the agency has increased by more than 200% as cybercriminals are taking advantage of the changing spending habits of Filipinos due to lockdowns.
There are plenty of types of phishing scams. Here are some of the most common modus operandi and tips to avoid becoming a victim.
Digital security literacy against phishing
One of the most common ways cybercriminals attempt to phish information from Filipinos is by playing on the emotion and lack of digital security literacy to identify a phishing scam.
A cybercriminal might send you an email that looks like a legitimate email from your bank requiring you to provide personal information, passwords, and other confidential data that they can use to access your bank account.
As online banking is becoming more common, digital security literacy is becoming a must for every Filipino interested in doing online banking. Recognizing a legitimate app or website, discerning fake calls, and knowing the processes for remote banking can save you from divulging sensitive information.
Tips to Avoid Phishing:
- Never give out private information like your birthday, mother’s maiden name, debit and credit card number, OTP, and more. Your bank will never ask for such details.
- Look closely at the email you received. Is the sender a legitimate bank email? Does the email address you by your name and not a generic “Dear Customer” or “Dear User”? What is the tone of the message? Does it compel or pressure you to do something immediately? And does the URL link to your bank’s legitimate website?
- If you’re unsure about an email, text, or call, call your bank’s official number to verify if it was sent from them.
Small business phishing scams
Phishing isn’t just limited to private Filipino citizens as small to medium businesses are also being targeted by cybercriminals. If left unprotected, this could affect your business, employees, and customers.
Tips to Avoid Phishing:
- Train employees on digital security literacy. Many cases of small business phishing are due to employees creating a vulnerable point in the business for cybercriminals to take advantage of.
- Invest in the latest antivirus software and keep your software updated for any security patches.
- Invest in web filter software to prevent your employees from accessing malicious websites that seek to harvest sensitive data about your company.
Malware
Malware refers to any software that can do plenty of damage to your computer. Aside from phishing data, it can also include spying on your activity, destroying your files, or even seizing your data and holding it for ransom until you pay to get your files back.
Understanding how to avoid malware from getting into your computers and gadgets can prevent it from accessing your sensitive and personal information which, in turn, could lead to account takeover and identity theft.
Tips to Avoid Phishing:
- Avoid malicious websites.
- Do not open suspicious-looking emails. Do not download suspicious attachments, especially those with “.exe” at the end of the file name.
- Avoid accessing your online bank account through public Wi-Fi hotspots. As much as possible, access it using your home Wi-Fi or any private Wi-Fi source you can trust.
- Invest in anti-malware software with browser checking protection and capabilities as this can verify safe content and automatically block risky websites.
More Tips to Avoid Phishing
Enable two-factor authentication- Even if a cybercriminal gains access to your banking account passwords, two-factor authentication ensures that they will not get in unless they have access to another form of authentication that only you can provide. For example, most online transactions require OTP or One-Time Password as a form of step-up verification. This verification, usually a 4 to 6-digit code, can only be provided by the user through the registered mobile number or email address, hence adding another layer of security.
Create strong passwords- Use passwords that are difficult to crack. Use a mix of letters, numbers, and symbols to create a strong password -- even better if you can make it longer than 10 characters. Make sure there aren't any ties to your personal information. Avoid using the same password for all your online accounts.
When in doubt, contact your bank- When you receive an email, text, or call that seems suspicious, contact your bank’s official channels via phone, website, or social media. This can help you verify if you received a legitimate form of communication from your bank.
Now more than ever, Filipinos need to be alert for any phishing scam that seeks to take sensitive information from them. These are just some of the ways financial and digital security literacy education can help you avoid falling victim to the most common types of phishing scams.