HANNAH, a call center employee wiles her time away on gaming sites. She considers herself lucky, until she clicked a link that brought her to a site where she could play her favorite game. The link opened into a portal that asked for her e-wallet details which was quickly emptied as soon as she pressed “go.”
E-wallet phishing scams are on the rise, posing a significant threat to users. While traditional text scams have become less effective, scammers have adapted to target e-wallet platforms with more sophisticated tactics like phishing. These scams aim to gather personal information such as MPINs and OTPs to gain unauthorized access to accounts and steal funds.
Users of popular e-wallet platform GCash, should be vigilant and aware of common phishing scams. Here are some scams to watch out for:
Phishing scams no longer confine themselves to text messages but also exploit calls and social media platforms, specifically targeting users of prominent e-wallet platforms like GCash. While trusted financial institutions like GCash have implemented robust security measures such as DoubleSafe Face ID to combat cybercrimes, it is crucial for users to stay informed about new scams, understand their mechanisms, and recognize warning signs to identify and thwart such attempts. Here are some common phishing scams that e-wallet users should remain vigilant about:
‘Magtop-up para sa online gambling’ Phishing Scam: Scammers often masquerade as online gambling sites, enticing users with promises of extra income and entertainment. They lead players to non-PAGCOR licensed gaming providers and prompt them to ‘top-up’ their accounts using a fake GCash portal designed to resemble the genuine platform. The fraudulent portal, employing similar layouts, colors, and logos, deceives users into sharing their credentials, allowing hackers to gain access to their accounts. To avoid falling victim to this scam, it is crucial to scrutinize the URL or link name when asked to link your GCash account. Legitimate GCash portals always begin with ‘https://’ and end with ‘gcash.com,’ while suspicious ones may feature numerical prefixes, additional characters, or misspelled words (e.g., Gccash instead of GCash).- Fake Online Gambling Sites: Scammers lure users to non-PAGCOR licensed gaming providers and trick them into using a fake GCash portal to top up their accounts. The fake portal, designed to resemble the legitimate GCash platform, prompts users to enter their mobile number, OTP, and MPIN. Once the information is provided, hackers can access the victim’s account. Always verify the URL and ensure you are on the official GCash portal (starting with https:// and ending in ‘gcash.com’).
- “Nakahold ang account mo” Scam: Fraudsters pose as GCash employees and contact users, claiming their accounts are on hold or frozen. They then request the user’s MPIN and OTP to reactivate the account. Falling for this scam grants scammers access to the victim’s account and funds. Remember that GCash will never ask you to activate your account through a phone call or messaging apps.
- Fake Raffle Prize Notifications: Scammers impersonate GCash and inform users that they’ve won prizes from a GCash raffle they didn’t participate in. Victims are directed to a fake GCash portal to claim the prize, where they are prompted to enter their mobile number, MPIN, and OTP. Sharing this information allows cybercriminals to access the victim’s account. Legitimate GCash rewards and promos will only be communicated through the official app, so never click on suspicious links.
‘Magtop-up para sa online gambling’ Phishing Scam: Scammers often masquerade as online gambling sites, enticing users with promises of extra income and entertainment. They lead players to non-PAGCOR licensed gaming providers and prompt them to ‘top-up’ their accounts using a fake GCash portal designed to resemble the genuine platform. The fraudulent portal, employing similar layouts, colors, and logos, deceives users into sharing their credentials, allowing hackers to gain access to their accounts. To avoid falling victim to this scam, it is crucial to scrutinize the URL or link name when asked to link your GCash account. Legitimate GCash portals always begin with ‘https://’ and end with ‘gcash.com,’ while suspicious ones may feature numerical prefixes, additional characters, or misspelled words (e.g., Gccash instead of GCash).
Fake Raffle Prize Notifications: Scammers impersonate GCash and inform users that they’ve won prizes from a GCash raffle they didn’t participate in. Victims are directed to a fake GCash portal to claim the prize, where they are prompted to enter their mobile number, MPIN, and OTP. Sharing this information allows cybercriminals to access the victim’s account. Legitimate GCash rewards and promos will only be communicated through the official app, so never click on suspicious links.GCash will never ask for your MPIN and OTP through any form of communication. Stay cautious and check the official GCash app for account status or rewards. If you encounter phishing scams or fraudulent activities targeting your account, report them through the official GCash Help Center or by messaging the official chatbot Gigi on the website, stating that you want to report a scam. By being aware and taking precautions, you can safeguard your e-wallet account and avoid falling victim to phishing scams.
