The Bank of the Philippine Islands, one of the country’s top banking institutions warned the public anew from crooks pretending to be bank representatives and asking for credit card information.
The renewed warning came after a Twitter thread detailed a client’s experience as a target of credit card fraud. He said he almost got scammed into giving away his credit card information, if not for his vigilance.
He also warned fellow credit card holders of the scam and reminded them to refrain from sharing their card information to anyone.
BPI on the microblogging platform reminded its clients that it will never ask for card details such as its expiry date, card verification code and one-time password over the phone, through text messages or on emails.
We wish to reiterate that BPI will never ask for credit card information such as expiry date, CVC, and OTP via SMS, call, or e-mail. Let us stay vigilant to avoid falling victim to scammers pretending to be bank representatives to phish for your personal and account information.
— BPI (@TalktoBPI) July 3, 2019
The scam
According to Twitter user @itsvener, an individual called him on his cellphone and claimed that he was from one of BPI’s Makati branches.
To all my friends who own a BPI credit card (or any other banks), this thread is for you.
— Ven (@itsvener) July 1, 2019
So an unknown number called me. Of course, I picked it up kasi baka kakilala ko or emergency or what. Nagpakilala yung guy as Alex from BPI Makati daw. He then says something about the waiving of annual fees.
— Ven (@itsvener) July 1, 2019
The Twitter user found it “sketchy” since the caller ID registered was an 11-digit number instead of the official caller ID bearing the banking firm’s name.
“If BPI man ‘to, usually, they would’ve called me using their landline. Weird thing though, the guy knows my name and my address,” Quiogue wrote in the thread.
The fake BPI representative said something about “the waiving of annual fees” and confirmed the user’s type of credit card, as well as its expiration date.
But when the caller started to guess about its month, that’s when Quiogue felt that something was amiss.
“But for the month, I felt something strange again when he started guessing, like ‘April po ba ‘yung month or May?'” he wrote.
The caller then stated the first eight digits of his credit card and then asked him for the remaining ones.
Quiogue gave the caller a wrong set of numbers “to test if he really knows it” but the caller only affirmed the information instead.
“When I gave the wrong digits and yet he still said okay, that’s when I fcking woke up. (You) scam,” the user wrote.
He eventually texted the caller to make him aware that he knew the latter was not a legitimate BPI representative.
Another Twitter user tagged the official account of the banking firm to make them aware of the scam.
Hi! Please be advised that BPI will not solicit/request for your personal information using an anonymous mobile number. Thank you.
— BPI (@TalktoBPI) July 3, 2019
Quiogue also shared the thread on his Facebook account.
On credit card schemes
A firm that publishes news and analysis on the global card and mobile payment industry reported that losses from credit card fraud are expected to rise dramatically by 2020.
“According to the Nilson Report, worldwide losses from card fraud rose to US$21 billion in 2015, up from about US$8 billion in 2010. By 2020, that number is expected to reach US$31 billion,” researcher
He also observed that people have started to rely on credit, debit and prepaid cards for their respective financial transactions as early as the ’80s.
“Thanks to new online money-transfer systems, such as Paypal, and the spread of e-commerce around the world — including, increasingly, in the developing world — which was slow to adopt online payments — these trends are expected to continue,” Buonaguidi added.
This reliance, however, will greatly increase their possibility to be victimized by fraudulent schemes set up by cybercriminals.
According to the Bangko Sentral ng Pilipinas, criminals usually obtain credit card information through the following methods:
- When your credit card gets into the hands of a dishonest employee of an establishment while he is processing the payment of your bill.
- When you provide the account information through the mail, phone or Internet vendors and unauthorized persons gain access to it.
- Whenever a merchant’s database is breached, or hacked into, and your account information together with those of thousands of other people’s, are taken.
- When your account information is purchased from a person who stole the said information from you.