How to Spot and Stop Phishing and Spoofing

how to spot and stop phishing and spoofing header image security bank philippines

No one wants to admit they’ve fallen for phishing or spoofing scams, yet the data tells another tale.

According to an Intel study, “97% of people globally can’t correctly identify a sophisticated phishing email.” And even though we’ve made strides in fraud awareness, email is still the most used delivery method for malware—and it’s not hard to see why.

In this age of apps, an email address or a mobile number is your passport to the Internet. Yes, these wonders of technology make lives easier but it also means that your contact information is in fact, everywhere. From app signups to email subscriptions, to the sari-sari store where you bought load, to even the attendance sheets you signed. You get my point.

To make matters worse, phishing and spoofing are not limited to emails. Fraudsters resort to SMS and calls too—even being as aggressive as directly calling someone to extract information.

This leads us to the elephant in the room: what exactly is the best way to protect yourself against fraud? Two words: Be alert.

Read more: How to Protect Yourself from Online Fraud

It might take effort and vigilance but it’s not impossible. It’s actually simple: know which emails and texts to click and not to click and which calls to ignore. Not simple enough? Here are some tips on how to spot and stop phishing and spoofing from the Bangko Sentral ng Pilipinas BSP:

What is Phishing and Spoofing?

Phishing: Fraudsters lure you to clicking a link through legitimate-looking or sounding emails, text messages, and phone calls which aims to get your personal details.

Spoofing: Fraudsters fool you by using the identity of a legitimate source (disguising themselves as the domain name, phone number, or email address) to get your details. The main difference between these two scams is that phishing might involve some sort of spoofing to make the phishing attack seem more valid.

The Warning Signs

Watch out for emails/phone calls/text messages that:

  • Ask for your personal information such as username, password, account number, card number, CVV code, PIN, birthday (Banks would not request these details thru email).
  • Have a generic greeting, misspelling or bad grammar
  • Are unexpectedly or not typically received
  • Link you to another website (Possibly spoof or fake website)
  • Do not give your full contact details to the sender

What to do after you spot fraud

  • Verify with/report to your bank immediately. For Security Bank clients, kindly email us at [email protected] or [email protected] for credit card.
  • Copy furnish and/or report to the BSP ([email protected]| (02) 708-7087)
  • Make sure you have OTP enabled for your account. If you are a Security Bank client, click here to learn how the OTP works. Source: BSP
  • You may call our customer care hotline at 8887-9188, email [email protected], or go to your branch of account immediately.



Share This