Staying on top of the latest fraud attacks helps to keep your accounts secure and your mind at peace. One method that’s gaining popularity is phishing.
In 2024, the Philippines recorded the highest number of phishing attacks. With the rise of artificial intelligence (AI), phishing scams are becoming more sophisticated. Although reports have revolved around Philippine enterprises needing to protect against waves of AI-powered phishing attacks, it’s just as important to remain cautious as a consumer.
What can you do to stay safe? This article offers practical tips for staying safe against phishing attacks. But before that, it’s good to first define phishing.
What is Phishing?
Phishing is a type of online fraud where scammers pretend to be legitimate companies to trick people into revealing sensitive information, such as passwords, OTPs (one-time passwords), or card details. This is usually done through fake emails, text messages, phone calls, or even fraudulent websites that look identical to real ones.
Phishing is a growing problem in the Philippines, with scammers constantly finding new ways to deceive users.
4 Common Phishing Tactics to Watch Out For
Scammers use different methods in their phishing attacks, meaning a broad knowledge of their tactics is the best place to start. Here are some of the most common tactics:
Fake emails
The most popular form of phishing is through email. Cybercriminals build and design their emails to look like just another promotional alert from a company you might have an account with, like Netflix or Atome Card. To someone in a hurry or flipping through their inbox, these emails appear legitimate. The truth is that the links in the email can install dangerous malware onto the recipient’s device without them noticing. This compromises personal data and sensitive documents.
Spoofed websites
Often tied to email phishing attempts, fake websites are a channel for cybercriminals to receive user data unassumingly. These typically appear like login pages as a way to easily surrender your sensitive credentials. A closer inspection would often reveal that the website isn’t trustworthy at all: wrong spellings/grammar, a slightly modified domain name, and a lack of a padlock icon on the web browser are red flags that you’re visiting a spoofed site.
Social Media Scams
Scammers create fake giveaways, and exclusive deals, or even impersonate official customer service accounts to deceive users. They may ask for personal details, and payment information, or trick you into clicking malicious links that steal your credentials. Always verify official pages, and never share sensitive information in response to messages or comments on social media.
Phone Call Scams (Vishing)
Cybercriminals may call you while posing as customer service representatives from various companies. This is known as “vishing,” which the National Telecommnications Commission (NTC) has warned Filipinos about. They may claim to have an urgent problem with your account. This approach is meant to elicit a sense of panic, insisting on immediate action. They’ll typically ask for sensitive details such as your password or answers to your security questions to “resolve” this “urgent” problem.
In reality, legitimate companies will never do this.
How to Identify a Phishing Attempt
Every type of phishing attack shares some similarities you can learn to spot. Here are a few traits to keep an eye out for:
Double-check the link or email address
Look for misspelled domain names, unusual sender addresses, or links that don’t match the ones indicated on the official website.
Notice the language
Scammers often use threatening and fear-provoking language, saying things like, “Your account will be locked if you don’t take action now!” Although other businesses may also emphasize the urgency of certain things, like limited-time promotions or security alerts, they would do so with a more appropriate approach.
Spot if they’re requesting personal information
Legitimate and trustworthy financial businesses will never ask you to share your personal information through common channels, such as email, SMS, or phone calls. They won’t do this for your OTPs either. Atome will never ask for your password, OTP, or card details via email or SMS.
Consider their payment request
Unusual payment requests are often a dead giveaway that a phishing attempt is happening. What’s an unusual payment request? For example, if they’re asking you to make a payment immediately or through a bank transfer—that would be a little weird, wouldn’t it? In these cases, it’s better to avoid the situation and report it for your protection and the protection of others.
How to Protect Yourself from Phishing Scams
Here’s what to do in case you’ve just been the victim of a phishing or fraud attempt:
- Verify links before clicking them: Hover over links to see where they lead before clicking. If the website appears to be a jumble of letters and characters, it could lead you to somewhere dangerous. You can also Google email addresses to check their validity.
- Use Two-Factor Authentication (2FA): Adding an extra layer of security makes it harder for scammers to access your account.
- Keep your devices secure: Regularly update your software and use antivirus protection to prevent malware attacks.
- Enable transaction notifications: Get real-time alerts every time your Atome Card is used to quickly spot unauthorized transactions.
- Report it: You can send a phishing attempt report to Atome’s customer support at [email protected].
Stay Alert, Stay Safe
Phishing scams are a serious threat, but by staying informed and cautious, you can protect yourself from fraud. Always verify emails, avoid clicking on suspicious links, and never share personal details with unknown sources. If you ever receive a suspicious email or SMS claiming to be from Atome, report it immediately to [email protected].
By taking these precautions, you can enjoy the convenience of your Atome Card without worrying about cybercriminals. Stay vigilant, stay safe, and shop with confidence!
