The Bank of the Philippine Islands (BPI) has constantly been issuing a warning to users of BPI ExpressOnline (BPI EOL), its online banking facility, against phishing emails. Phishing — pronounced “fishing” as in “fishing for information” — is a type of deception designed to steal one’s personal data such as credit card numbers, passwords, and account login information.
How to check whether an email is a phishing email or not is discussed in our Tips to Protect yourself from Phishing Scams article.
BPI also recently published a Facebook note that includes additional tips on how to ensure you won’t be a victim of phishing. Read their informative post here: How Not to be a Victim of Phishing Scams.
Below are specific tips on using BPI ExpressOnline that BPI recommends account holders to adopt.
Phishing Scams on the Rise
Phishing e-mails are sent to trick you into revealing personal and financial information. Don’t be a victim.
We suggest that you use this short checklist to protect yourself against phishing attacks.
1. Begin your session by manually typing the web address of BPI into your browser.
The official URL of BPI Express Online is www.bpiexpressonline.com.
2. Avoid disclosing personal or account details via email or embedded link.
Be skeptical of unsolicited e-mails, especially those that concern personal / account information.
Delete suspicious emails or email attachments without opening them, even if they seem to have originated from someone you know.
3. Notify the sending company if you receive a suspicious email.
Contact us directly through Express Phone 89-100 or email us at email@example.com.
4. Check the security certificate of the web page.
Before entering personal or account information into a site, make sure it is secure.
In Internet Explorer, you can do this by checking the yellow lock on the status bar. A closed lock is an indication of an encrypted site.
If you think you may have responded to a suspicious email, change your password for Express Online as soon as possible. To change your password, login to www.bpiexpressonline.com and go to Account Maintenance –> Change Password.
We wish to reiterate that BPI will never send you an e-mail asking for information on your username and password. The Bank’s websites are protected by a 128-bit SSL encryption and Verisign’s Security Certificate. We would also like to remind you of the following legitimate website addresses of the Bank:
Image credits: Bank of the Philippine Islands (BPI)
2 thoughts on “Tips from BPI: How not to be a Victim of Fake Emails and Phishing Scams”
Internet Explorer 7 also has an anti-phishing feature. It warns the user if a website appears to be a phishing website.
Best tip to guard against phishing: be vigilant, be informed.
More power Pinoy Money Talk! Keep our readers informed!
Hi ka Edong, yup IE7 has it too. This is discussed in our article Tips to Protect yourself from Phishing scams. I agree being informed is one way to guard yourself against phishing sites. And not to click on just about any link in any email you receive too!