BDO Unibank urges its clients and the general public to be cautious of text or email messages that spread fake information, incite panic, and prompt hasty actions, such as clicking on included links.
In a statement, it said fraudulent messages may come from unknown 11-digit numbers or email senders, or they may even appear to be from legitimate sources, using a technique known as “spoofing.”
“Always remember, if the message or the sender urges you to click a link or scan a QR code, it’s a scam,” cautioned BDO. “Delete such messages immediately and report them to the Bank through the following channels: 22567888 (SMS) or reportphish@bdo.com.ph.”
BDO warns that messages claiming a login attempt on an online bank account from an unfamiliar device and urging immediate action to “remove” the device are likely scams.
The statement said that another modus is a fraudulent text message that claims the recipient’s online bank account will be deactivated unless the mobile number is updated, supposedly “as part of a new online system,” by clicking on the link provided. A variation of this scheme is a text that claims the recipient’s email address has been updated, while also providing a clickable link to “change back” to the previous email address.
BDO added that scammers often prey on potential victims by sending messages that claim the recipient’s online bank account has been compromised or that there was an unauthorized login attempt. These unverified messages can cause recipients to panic and follow the instructions, such as clicking on a link that leads to a fake bank website.
On these fake websites, victims may unknowingly enter their bank account details, such as usernames and passwords, which scammers then use to access and steal money from their accounts.
Stay calm and verify
To avoid falling victim to these scams, BDO advises clients to remain calm, never click on any links in suspicious messages, and never share their One-Time PIN or OTP to anyone. Instead, the Bank informs its clients to contact BDO’s customer service directly to verify the legitimacy of the message. (PR)