As the coronavirus pandemic accelerates digital transactions, syndicates too have doubled their efforts to steal, prompting banks to ramp up security measures.

The Bank of the Philippine Islands (BPI) reported that it detected and took down almost 2,000 phishing sites from March to August, when the government implemented lockdowns of various degrees. (READ: Phishing is top PH cybercrime during pandemic – authorities)

“They send out malicious emails with COVID-19 themes to steal information and put up fake crowdfunding pages for supposedly PPE (personal protective equipment) donations,” said BPI executive vice president and chief operating officer Ramon Jocson.

“A lot of the crimes being committed involve Filipinos targeting fellow Filipinos – getting their credentials, posing as clients of the banks, and then doing unauthorized withdrawals.”

With these schemes, Jocson said the bank has zeroed in on security to retain clients’ trust in online banking. (READ: Pandemic lets loose scammers in recession-hit Philippines)

“We try to detect abnormal behaviors. We track around close to 22,000 events per second – every ATM withdrawal, log on, and so forth – and we have analytics to track any aberrant behavior,” said Jocson.

To avoid falling into phishing schemes and similar scams, BPI recommended the following:

• Avoid oversharing personal data on social media.
• When doing important transactions, avoid unprotected networks such as free public Wi-Fi and use home or office networks instead.
• Use separate email addresses for banking or e-commerce transactions from those used for social media.
• Avoid opening suspicious file attachments.

“A legitimate email is usually sent by a familiar email domain. For example, official BPI emails are sent using the domain ‘@bpi.com.ph,'” said BPI Enterprise information security and data protection officer Jonathan John Paz.

“BPI, and most banks for that matter, will not ask for sensitive info such as your online banking login and password, credit card info, one-time passwords or OTPs, which can be used to defraud people,” he added. – Rappler.com