Ever experience that moment when you get a text message early in the morning and you excitedly jump out of bed thinking it’s crush-laloo greeting you, only to find out it’s some random SMS with bad grammar asking for your personal details? That inis-factor you’re feeling for these scammers — yes we’ve all been there, we feel you!
It doesn’t just stop there though. Nowadays, with the convenience of being able to buy anything with just a pa-“mine” comment at a live selling session or order that flash sale item with a tap of our fingers, come new levels of scam tactics. A common one is called phishing, where scammers send fake SMS, Emails, or links designed to trick people into giving away sensitive information such as personal information, banking details, and passwords.
Scammers are getting more and more creative that we have to be G to be informed about what’s going on. Knowing the different ways they work is the first step in protecting ourselves. We all give in to certain types of “budol” as we call it—wherein we willingly fall for irresistible discounts or all-in-one bundles, or when you know you don’t need a new phone case but you purchase it anyway because it’s cute. To buy your wants and needs is okay, especially that you’ve been working hard for it. What is not okay is when you get yourself into types of budol that actually robs you of all your hard-earned money.
Are you G to be protected? Here are some common phishing scams and ways to protect yourself especially as we enter the merriest season of the year:
A popular method for scammers is to pretend to be an authorized customer representative on different platforms by appropriating company logos and a person’s profile picture. In social media, this can happen if you post your complaints publicly. They send a direct message and pretend to offer help with your concern. In emails, they use what seem to look like official addresses and create a sense of urgency to pressure you into following the steps they have outlined, otherwise, you will lose access to your account or incur possible charges. While in SMS, they send suspicious messages and links that will prompt you to install an app or require you to input your MPIN or OTP for many reasons: you’ve won a contest, have expiring rewards to claim, or that you need to update your contact information. Sometimes they’ll even call you.
How do you spot scammers? Start by checking the sender. Is the text or call from a random phone number? Does the email look credible or does it look like it came from a sketchy free platform? Always check the source. Second, did they send you a link? GCash, for example, will NEVER send you an email asking to click a link. Scammers have become clever to make sure they no longer have typos on their message alerts. They used to misspell words like GCash or replace letters with numbers like GC4sh, but they’ve leveled-up to replicating official web pages by using the same visuals or actual promos to phish details from users.
Their goal is to get your One Time PIN (OTP) so they can link their device to your account, and your MPIN so they can login. If they can’t get your MPIN, they will try to ask for more OTPs in order to reset your MPIN. If you’ve been saving money for your pending bills and you don’t want to wake up as a player in Squid Game, never give out your MPIN and the OTPs that you receive on your phones.
However, scammers have found creative ways to sneakily get these info so it’s important to expose them and get to know their methods. Here are some examples:
- Hiram mobile phone – they borrow your phone for a variety of excuses but their real intent is to request OTPs to be sent to your phone so they can reset the MPINs themselves without you knowing.
- Shoulder surfing – from the name itself, they spy over your shoulder to steal personal information that might help them in hacking your account.
- Live selling sessions – this usually happens to online sellers when they broadcast what’s on their phones. Scammers just need good timing to initiate the OTP, display it on your screen for all to see, and therefore compromise your account.
If you find yourself on the receiving end of any of these suspicious instances or if you have concerns with any of the GCash services, the best way to address them is through the Help Center accessible within the app only.
The Christmas season and mega-sales online are happening soon so it’s important to remember this GChecklist:
- check the sender or credibility of any website where you are being redirected
- never share your MPIN or OTP
- only do actions within the GCash app.
Once you tick off everything on this list, make sure you’re G to share this so your friends and family can protect themselves, too. For your holiday hauls, don’t forget: magpa-budol wisely!