Bank account holders lose thousands to phishers, vhishers
Several bank account holders have filed complaints before the National Bureau of Investigation (NBI) after they lost thousands due to phishing and vhishing.
Victim Rose lost almost P1 million from her bank account after the scammers pretended to be from a bank, according to John Consulta’s “24 Oras” report on Thursday.
“Ako yung breadwinner of the family, ako lang ang nag-iipon sa amin at may work. Bakit wala kayong ginawa? Sana naman nung ni-report ko sa inyo ito frineeze nyo na lang yung account o tinawagan yung bangko kasi alam naman nila yun eh. Pinaghirapan namin ng ilang taon yun, sobra,” Rose said.
(I am the breadwinner of the family, I am the only one who has a job. Why did you not do anything? When I reported this to you, you should have frozen the account or called the bank because they already know that. We worked hard for this money for several years.)
The same scam happened to another victim Daphne.
“Meron daw akong electronic GC na makukuha, nakukuha daw po yun by purchasing and using your credit card sa mga stalls. Ginagamit lang niya yung credit card info ko pero ang ina-access niya ay yung online Security Bank na savings account ko,” she said.
(They said I have an electronic gift certificate which can be obtained by purchasing and using your credit card at the stalls. The scammer only uses my credit card info but what they were accessing really was my online ... savings account.)
She immediately went to the bank to report the incident.
“Baka pwede nyo po i-down ang system para di na niya maaccess pa, kasi ako po itong may-ari ng account na nagsasabing may unauthorize,d” she said.
(Maybe you can shut down the system so that he can no longer access it. Because, I am the owner of this account that says it is unauthorized.)
"Pero ano ang sagot sa akin? May proseso po kami, magdi-dispute lang tayo. Sobrang sakit, ang laki ng nawala sa akin, kalahating milyon, pinagipunan ko yun sa mahabang panahon. para sa mga anak ko yun,” she added.
(But what did they answer? We have a process, we need to dispute. It hurts so much, what I lost, half a million, I saved for a long time. It's for my children.)
Former EB Babe member and business owner Anne Maxwell said she received a notification that someone tried to withdraw P35,000 from her bank account.
However, before she tried to login to her account, she received a message that P500,000 was withdrawn from her bank account.
“Kasi hindi naman malalaman ng scammer yung details namin kung walang tao sa looban. Kasi lahat, ultimong account, user ID, password, lahat alam nila. Dapat ibalik nila yung pera namin kasi yung pera namin nawala sa bangko nila,” business owner Anne Maxwell said.
(Because the scammer will not know our details if they have no accomplice from the bank. Because they know everything, account, user ID, password, everything. They should return our money because that is our money which was lost in their bank.)
Retired professor Nancy Rotor-Peralta, 80, also lost money.
“Dapat protektahan nila ang interes ng mga nagbabangko lalo na ang matatandang kapares ko na walang kaalam-alam sa online banking na yan,” Rotor-Peralta said.
(They should protect the interest of the bankers, especially old people who have no idea about online banking.)
According to the NBI, the scammers were using a mixed mode of phishing and vishing.
“Sino ang may access sa mga credentials na ito sa ating mga banks? May 3rd party involved ba? May insiders ba? We will dig deeper doon sa kanilang system structure. Bakit may compromise assuming may compromise, at sino ang may access sa system na ito? We will issue corresponding subpoenas,” NBI Cybercrime Division chief Jeremy Lotoc said.
(Who has access to these credentials in our banks? Is there a 3rd party involved? Are there insiders? We will dig deeper into their system structure. Why is there a compromise assuming there is a compromise, and who has access to this system? We will issue corresponding subpoenas.)
At least 10 victims from Pampanga, Laguna, and Metro Manila have filed complaints before the NBI.
In a statement, the Security Bank said it is already investigating the incident.
“Security Bank is aware of the concerns raised. We have conducted thorough investigations, adhered to the appropriate reporting protocols, and responded appropriately to customers,” Security Bank Corp. said.
“While vishing relies on tricking customers into surrendering their information over the phone through social engineering techniques, phishing relies on scare tactics and highly detailed fake websites to entice customers into submitting their information. Once a customer does so, the fraudsters will then use it to access their account,” it said.
“Account security is a shared responsibility. We continue to take steps to address concerns and regularly run enhanced customer education and awareness campaigns,” it added.
“We urge our customers to be vigilant and to never share their one-time passcode, CVV, or PIN via call, text, or email with anyone. Likewise, we discourage our customers from clicking on any suspicious links, taking calls from unverified sources, and only update their information directly through official bank channels,” it added. —Richa Noriega/LDF, GMA Integrated News