PLDT and its wireless unit Smart Communications, Inc. (Smart) raise the flag on fake advisories supposedly released by banks and digital wallets. PLDT and Smart’s Cyber Security Operations warns the public that cyber criminals have been getting more sophisticated in imitating official communication materials of financial institutions.
“Without scrutinizing these fake advisories, one can easily be fooled into thinking they were officially released by the bank. We need to take the time in going over these messages. Also beware of calls supposedly coming from bank representatives. Cyber threat actors have become familiar with the dialogues used by official bank agents that they can sound very convincing,” warned Angel Redoble, FVP and Chief Information Security Officer at PLDT and Smart.
PLDT and Smart share the following tips to help the public protect their online banking accounts and to avoid falling prey to scams.
Be vigilant about unsolicited communication. Do not trust unexpected emails, SMS, or calls requesting for personal information or login details like OTPs (one-time passwords). Banks or legitimate organizations never ask for these details over these channels.
Double-check the source. Scammers often use email addresses or URLs similar with the bank’s official communication channels. Watch out for misspelled words or slight variations.
Never share personal information. When in doubt, do not reveal personal information or other financial details.
Use strong, unique passwords for each account. Make sure that passwords are at least 14 characters long and combinations of small and capital letters, numbers, and special characters.
Enable multi-factor authentication (MFA)to create another layer of protection. It also notifies users of unauthorized attempts to open their account.
Regularly update software. This ensures that operating systems, web browsers and other applications are running the latest security patches against vulnerabilities.
Report suspicious activities. Reporting helps your organization develop an appropriate response to the threat and alerts the community, as well.
PLDT and Smart have been proactively preventing malicious messages from reaching their customers. In September alone, they have blocked more than 5.5 million SMShing messages. In the same month, Smart, likewise, has blacklisted more than 21,000 mobile numbers involved in scams and fraudulent activities. The PLDT Group has also prevented more than 1.6 billion attempts to open malicious domains in the same period.
The efforts of PLDT and Smart to share CyberSmart tips on keeping customers safe online are fundamental to the PLDT Group’s much broader program to elevate the quality of customer experience by protecting them from threats and cyber-attacks.
If you receive suspicious messages or calls, report them to cybersecurityincidents@smart.com.ph.