MACTAN. — The Bangko Sentral ng Pilipinas (BSP) agrees with the claims of e-wallet service provider GCash that the incidents involving unauthorized fund transfers two weeks ago was not a case of hacking but of phishing.
Felipe Medalla, BSP governor, said he is satisfied with the security features of the country’s digital wallets and banks.
“… but no matter how secure, if the account holder is sharing the OTP (one-time password)…,” Medalla told reporters at the sidelines of the 2-day 2023 International Conference on Financial Stability.
He was referring to some users giving out, unknowingly, their OTPs which is the confirmation of the transaction.
“It turns out in this particular case, it’s phishing . For some reason, people are convinced into giving out their OTPs despite all the warnings to never share the OTP,” Medalla said.
Phishing is a common type of cyber attack where criminals impersonate an organization or individual through a legitimate-looking email or text message containing links to fraudulent websites to trick people into divulging sensitive information or downloading harmful software. A variation of phishing, known as smishing, operates similarly but is limited to mobile phone SMS messages.
Hacking is the act of compromising digital devices and networks through unauthorized access to an account or computer system.
Medalla commended GCash for its fast response, enabling the banks where the funds were transferred to freeze the recipient two accounts and return the money to the platform and eventually to the GCash users. – Jimmy Calapati
