BPI Phishing Attack

Last Friday, March 10, 2017, just a few minutes before I clocked out of work, I saw an email from BPI (Bank of the Philippine Islands) with the subject “Bank Account Fraud Prevention!”.

I’m a BPI customer and have been using their online banking app and services for quite some time. With some of my private information compromised when the COMELEC election database was hacked last year, I take messages like this seriously. However, before acting on it, I did some quick checks to see if it was really legit.

I opened the email and it looked pretty legit:

A legit-looking email which turned out to be a phishing attack against BPI customers.

Looking into the details of the sender and how it was sent, it still looked pretty legit:

It looked like it really came from BPI. Then again, phishing attacks are smart nowadays, and attackers can easily spoof the sender’s email address.

Phishing emails either contain a link that takes you to a website that steals your information or carry malicious code that does the same. In this case the email had a link where I was supposed to verify my personal information. However, when I hovered over the link, which again looked legit, Chrome revealed a completely different destination:

At this point, the best thing for most people to do is simply mark the email as spam or phishing. Before doing that, I went further to confirm that this was a phishing attack. I opened the link and it did bring me to a site that looked exactly like BPI Online:

The link brings you to a legit-looking BPI site, but look closely at the URL and you know it’s a fake BPI site.

So there you have it. Always be cautious of emails like this. Double-check that it really came from your bank, and if you can’t tell whether it is legit or not, the best thing to do is ignore the email, do not click any link it contains, and call your bank first to confirm the information with them. They can also give advice on how to secure your account.

Be smart. Be cautious. Stay safe everyone!