MANILA – Bank of the Philippines Islands has warned clients over a fake log-in site for its online banking service, as it reminded them to be vigilant against fraud.
The fake site copied the layout of the BPI Express Online log-in page, but uses a different address, http://www.bpiexpressonlineph.com. The correct address is https://www.bpiexpressonline.com. It has since been taken down, BPI said.
Minimizing fraud is a shared responsibility of the bank and its clients, BPI executive vice president and head of Enterprise Services Ramon Jocson earlier said.
"Everyone involved in the security of an account or personal information should be perceptively wary and vigilant. A lapse in caution compromises all involved," Jocson said.
Here are some tips to avoid fake sites according to BPI.
CHECK E-MAIL ADDRESS, DOMAIN NAME
“Hover your mouse pointer over the link and copy of the URL. The hyperlinked URL will be shown in the status bar at the bottom of your email. If it does not match the URL you intend to visit, it is most likely a fake website,” the BPI advisory said.
CHECK SITE SECURITY
"A secure website begins with https: and has a lock icon in the page, which means that it uses an SSL protocol," BPI said.
BE WARY OF EMBEDDED FORMS
Forms that ask for passwords of personal email accounts are usually fake. BPI also said the bank never asks for personal information using embedded email links.
The lender also advised clients on keeping their accounts safe, including changing PINs regularly, using anti-virus software, clearing cached memory after logging out of banking sites and avoiding shared computers when transacting online.