You think you will never fall victim to a phishing attack or any online scam, what with all the information security technologies and data privacy restrictions businesses claim to have put in place to protect us, consumers. While I don’t get that many unwanted emails recently which usually go straight to my spam folder, a few serious-looking messages will sometimes pass through the filter and get into my inbox. Not that you’ll have a hard time figuring out if they’re fake, these email messages make it look like they’re coming from a legitimate company you signed up with, the most common of which are supposedly urgent notifications from banks instructing you to click on a link to update your details. You end up losing your hard-earned money if you don’t think twice before you click.
The internet is rife with heartbreaking stories of people getting duped and their savings drained until empty. Enough to scare you to change your account passwords more regularly. And with all the gadgets we use daily that now pay more attention to security, you’d think we should be good. Not at all, and at a time when we’re faced with uncertainties given the pandemic, these scammers aren’t stopping, in fact, they’re getting better. Last month saw me too busy, and if I didn’t take a second look, I would have been duped. Unsuspecting, with an email that arrived at a bad time.
I just delete these fraudulent emails, that’s what I normally do. Aside from not having an account from the supposed bank notification, it’s really easy to tell that the email is fake.
It was a busy morning at work and I was meant to call my bank for a failed delivery of a renewal card when I got an email notification that there’s an unknown device with a sign-in request. Of course, I panicked!
— CC Lozano (@cclozano) July 21, 2021
I always thought UnionBank has the better online service among local banks, and its mobile app offers the best security features. Still, I almost got convinced by the email that there was indeed an attempt to hack my account. An Android Xiaomi Note 10 was requesting access from Negros Oriental, Philippines. It looked real so I quickly clicked on the link that pointed to the familiar UnionBank online banking website. I was about to fill it up with my account details but stopped the moment I saw the URL. It was a phishing site and I almost got duped!
A fake hack notification to actually hack your account. Not sure if this is a new tactic but it almost got me and I was really nervous and mad! I immediately checked on my account via mobile app and was relieved to see that my account has no recent or suspicious activity.
How many must have been victimized by this phishing attack, busy people who couldn’t check details, much more the URL? The real versus fake sites looks identical unless you check what seems like a minor difference.
Now how do you spot a phishing email and avoid getting easily duped? Typically the misspellings and poor formatting are instant giveaways. Mind you there’s a way to mask or hide the email address of the sender so you’d think it’s an official communication from your bank. Banks these days are regularly sending email warnings about these online scams, advising customers that you will never be asked to divulge your passwords especially the OTPs.
Make sure that your account is well protected by regularly changing your passwords that are difficult to guess and adding two-factor authentication. Also, make sure that your access credentials are kept in a secure place and never to be shared.
So the next time you get a suspicious email, be sure to check thoroughly, never click on any of the links. It helps to keep a screenshot and report to the bank, so others are warned.
Then delete it forever and don’t get duped. Stay safe!
Thanks for supporting The Versus Workshop. If you’re enjoying the content I produce, a little caffeine to keep me going would be very much appreciated!