The Bangko Sentral ng Pilipinas (BSP) is reminding the public to be vigilant against fraud perpetrated through unsolicited emails or text messages with links that redirect the mobile user to highly suspicious websites.
These include SMiShing, a form of phishing scam where a fraudster sends a text message to trick a user into clicking on a malicious link. This malicious link, when clicked, automatically downloads malwares and/or redirects to websites that collect information that may be used for fraud.
To help prevent this, the BSP advises the public to carefully scrutinize messages; to refrain from clicking links even if these appear to be coming from banks, e-money issuers, or known companies or brands; and to protect personal information.
The BSP reiterates that legitimate financial institutions will not ask for personal details and/or account credentials (e.g., username, password, OTP or one-time pin/password) from their customers via text messages or by sending links to websites.
Such websites may have been created by scammers to trick a user into disclosing login credentials, personal data, bank or credit card details, or passwords; or to introduce mobile malware.
While these websites may seem legitimate, fraudulent sites often have errors in spelling, punctuation, capitalization, and grammar. Banks, e-money issuers, and legitimate companies exert extra effort to maintain professional websites without such errors.
Consumers who experienced SMiShing attempts are advised to report these to their banks or e-money providers immediately.
The BSP reminds the public to always protect their personal information and account details. For more information on the common types of frauds and scams, please visit https://www.bsp.gov.ph/Media_and_Research/Primers%20Faqs/Protect_yourself_from_Fraud_and_Scam.pdf