fbpx

More phishing activities targetting local banks

While BPI has recently released an email notice to all their online banking clients about the recent phishing activities targetting their BPIExpessOnline system (via Ka Edong), yet another one has just surfaced for Equitable PCI Fastnet users.

Consumer education is the key but I believe there could be some minors changes local banks can do to prevent it.

  • Do regular weekly/monthly newsletters. These familiarizes online banking users to the email notices and would help them expect (or not to expect) such notices in the future.
  • Create a dedicated section in the official bank website enumerating all important email notices sent out to customers. This will allow users to compare what they got from the mail with the one posted on the official website.
  • Make a better-looking newsletter layout or alert email format. Aside from branding, it helps the users to be familiar with the look of the authentic notices.
  • SMS notices. If an email alert is important, SMS alerts may also be used to verify that an email has been dispatched for full details of the urgent notice.

These are minor changes that can be done easily but will greatly help in the effort to fight phishing scams. Care to share some of your thoughts how phishing scams can be avoided or spotted easily?

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 985 other subscribers
Avatar for Abe Olandres

Abe is the founder and Editor-in-Chief of YugaTech with over 20 years of experience in the technology industry. He is one of the pioneers of blogging in the country and considered by many as the Father of Tech Blogging in the Philippines. He is also a technology consultant, a tech columnist with several national publications, resource speaker and mentor/advisor to several start-up companies.

4 Responses

  1. Avatar for tutubi tutubi says:

    local banks are on the planning stage of strong two factor authentication to address this issue aside from customer education which is really hard to do

  2. Avatar for Nils Nils says:

    In the states many of the banks are now issuing “tokens” that generate a unique PIN that is required to complete online transfers. SMS may be a cost effective and efficient way to implement a similar system however if an hacker gets into an account and has the ability to modify the mobile number of record that would defeat the purpose. Tokens may be the best option for now.

  3. Avatar for Sidney Sidney says:

    A little bit off subject.
    To access my account online with my computer I got here a PIN code which is always the same (which is dangerous) in case someone is spying on me.
    Most Belgian banks give you a little calculator were you put your PIN number. That calculator generates a new code each time you want to log in your account.
    Much safer.

  4. Avatar for deuts deuts says:

    I liked the last one, SMS notice of the email. At least it’s not another spam text.

Leave a Reply
JOIN OUR TELEGRAM DISCUSSION

Your email address will not be published. Required fields are marked *