Noting that a growing number of online fraudsters are exploiting the public fear surrounding the Covid-19 crisis, the National Privacy Commission (NPC) and the Department of Information and Communications Technology (DICT) are asking the public to be careful when using online financial services and accessing health-related apps.
NPC said in its advisory that now is the worst possible time to fall victim to online fraudsters as they can steal sensitive data, cause financial and reputational damages, and make devices unusable.
The DICT said a post entitled “P20,000 Para sa Lahat ng SSS Pangtawid” has been circulating on Facebook Since March 18, 2020. Clicking it directs the user to RANDOMNAMES.CLUB, which is a phishing site, and proceeds to repost the same link on user’s Facebook wall.
“Cyberattacks are happening amidst the global COVID-19 pandemic. There have been reports of ransomware attacks that target hospitals and healthcare facilities,” the DICT said.
To prevent similar incidents, the agency urged hospitals and healthcare facilities nationwide to employ emergency backup systems to ensure operational continuity for both databases and infrastructure in case of outages caused by malware or cyberattacks.
The NPC encouraged online users to practice the following tips to protect personal data in the time of Covid-19:
Is the email or message unsolicited? Does it urgently encourage you to open the attached file? Is it promising Covid vaccines or cure that you have not heard of at all in the news or credible websites? Do not click them. It is most likely a phishing attack that steals your financial data such as credit card or online banking details.
We have a lot of questions about the pandemic. We will not find these answers, however, on some random websites or applications. What we may find on these sites instead are suspicious links, pop-ups and downloadable files, resulting in a ransomware infection that locks us out of our devices. Not only do you protect yourself from ransomware by relying on trusted sources, you also get to avoid misinformation.
Research online or through your social media contacts from whom you learned of the charity or crowdfunding campaign. Know where your donations will go. Think twice if the charity rushes or pressures you or makes unrealistic promises just to get you to donate. If you’ve decided to make the donation, be sure to check your bank statements and see if you’ve been charged the right amount.
Scammers want you to click on a link or give your password, account number and other personal information. This way they can steal your identity, money and gain access to your computer or cellphone. To do this, they use familiar company names or pretend like someone you know. They pressure you to act now or else.
When you receive such messages, be skeptical. Look up the website or phone number for the company or person contacting you. Call them directly using the company’s official number or email. Never give any personal information especially your password and pin number.
Most phishing attempts use bad grammar and spelling. There are some, however, that looks legitimate and very convincing.
During this critical period, all our focus and efforts should go to the fight against the spread of the Covid-19 virus. We should avoid, at all cost, getting sidetracked by these digital pitfalls.