Smished

Phishing. Smishing. Admit it, you became aware of these words only recently.

In my case, while I’ve been coming across the words for some time, I seriously looked up their meaning only this week.

This was after the president of the Bankers’ Association of the Philippines (BAP), Jose Arnulfo “Wick” Veloso, aired a warning against various forms of cyber fraud, using data that we routinely provide online to banks and other establishments including for COVID contact tracing, and which some people freely provide on social media.

We give such personal data, believing that the more details we provide, the harder it will be for scammers to pass the verification process. Obviously, we also have full confidence that our personal data will be protected by the banks.

Even then, the handful of times in my life that I have paid for anything online using my credit card, the bank had to replace the card after it got hacked. The first two instances, the attempt to use the card failed, but the bank changed it anyway. The third time, last year, payment was posted in England for a Netflix subscription.

Fortunately, because of the lockdowns, it didn’t take much to persuade the bank that I was quarantined in Metro Manila like nearly everyone else and could not have possibly been in the UK when the payment was posted. The bank reversed the charge and replaced my card.

So these days, even when I order anything online for home delivery, I always pay COD.

I don’t know if I’m one of the 22,000 S&R members who have been hit by a ransomware attack, as reported by the National Privacy Commission.

*      *      *

The banks are constantly upgrading their data protection devices against cyber crime. But what if the personal details are posted on social media platforms?

I understand the appeal and immense usefulness of social media, and how it has upended many aspects of life. The internet has become a game-changing enabler of human activities.

But I’m not on Facebook, Twitter, TikTok, WhatsApp, Instagram or Snapchat. My work in mass media puts me on YouTube and digital platforms, but that’s the extent of my social media presence.

Maybe it’s a generational thing; in my youth we kept our thoughts to ourselves in a diary under lock and key, and we resented it if our parents or anyone else pried into it.

After watching “The Social Dilemma,” the Netflix documentary on how Facebook, Google, Pinterest and other socmed platforms exploit, manipulate and get people addicted to the dopamine high produced by “likes” and scrolling, I’m happy about my stance.

Among the most memorable lines in the film docu is the one from Yale University computer science professor emeritus Edward Tufte: “There are only two industries that call their customers ‘users’: illegal drugs and software.”

This week Lush Cosmetics, the UK-based maker we best know for its handmade cosmetic soaps, announced it is deactivating its accounts on Facebook, Instagram, TikTok and Snapchat over safety concerns.

I also stay away from certain social media platforms because of their immense capacity for purveying fake news, misinformation, black propaganda, and ideas that encourage hatred and violence directed at certain groups, individuals or entities – anonymously, with zero accountability.

Now we’re being warned that personal information posted on social media can end up in the dark web, where the data can be accessed by tech-savvy lowlifes for phishing (spam online messaging), smishing (the SMS / text version), stealing our bank deposits and identity theft.

*      *      *

Wick Veloso, who is president and CEO of Philippine National Bank, said our country has the highest number of phishing attacks in Southeast Asia.

He told us on One News’ “The Chiefs” last Tuesday that according to IBM, 100 million account data in the Philippines are available on the dark web, including 100,000 from credit card holders.

During the pandemic, work-from-home job recruitment scams have proliferated. Victims are hooked through initial payments. All experts warn that if it seems too good to be true, trust your instincts; it’s most likely a scam.

There are also digital banking services that are sprouting and offering returns much higher than what the major banks can offer.

Veloso describes these as “feast and famine” schemes. He warns that even cryptocurrencies fall in this category. I am reminded of pyramiding scams using cash, which continue to proliferate.

The government is now encouraging all Filipinos to have a bank account and get a national ID. There are valid concerns about the security of the data collected for the ID.

Digital transactions including registration for vaccination, medical consultations and even booking a COVID test are compelling people to have an email account and use a mobile phone. With distance learning, millions of children now also have internet accounts and are likely on social media, with little or no knowledge about protecting their personal details and privacy.

The BAP is pushing for the speedy passage of the Bank Account and E-wallet Regulation Act, to make cyber offenses such as phishing and money mule operations (those who electronically handle money acquired from phishing and other cyber crimes) as forms of economic sabotage. Penalties will include fines ranging from P100,000 to P500,000 and prison terms of six months to 12 years.

*      *      *

The government must complement this with measures to promote digital literacy, starting with school children whose education is through distance learning. For children old enough to open a bank account on their own, digital financial literacy can be introduced in the school curriculum.

Financial literacy programs can also be offered for free, online or in community centers, for all adults. Special programs can be offered for retirees who need advice on surviving on modest pensions or investing their life savings wisely.

Meta, the tech giant formerly known as Facebook, is partnering with the Commission on Elections to launch a digital literacy campaign, but of course this is related only to the upcoming 2022 vote. Meta can expand its program to financial digital literacy.

Preventing online fraud starts with awareness of the problem. Once you understand what phishing, smishing, ransomware attack, etc. mean, and why they are criminal activities, then preventing them can become easier.

Show comments