MANILA -- Cybercriminals are taking advantage of the Luzon lockdown to do criminal acts online such as phishing and donation scams, the National Bureau of Investigation said Friday.
"Nakita ng industry ng mga bangko 'yong pagtaas ng insidente ng mga phishing at mga [donation] scam," NBI cybercrime division chief Victor Lorenzo told DZMM.
Phishing is a cybercrime in which targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as banking and credit card details, passwords and personally identifiable information.
Lorenzo said the NBI is working with banks to trace the culprits.
"Kapag nag-phish ka naman ng account, mayroon kang pagta-transferan na isang account. Kasi online rin ang transaction nila. 'Yon ang sinusundan namin. So naipa-pattern namin kung saan nanggagaling," he said.
"Ang bangko kasi, hindi niyan hihingiin 'yong account information mo, especially 'yong mga password mo dahil nasa kanila 'yon eh," he added.
The NBI official warned the public to be wary of texts and social media posts asking for donations. Only legitimate institutions or those accredited by the Department of Social Welfare are allowed to ask for donations.
"Dapat ang publications [ng donations] katulad sa legitimate institutions," he said.
He also reminded the public not to sell empty ATM cards as syndicates use it to transfer their "fraudulently acquired funds" from their victims.
NBI has yet to compile the final tally of cybercrimes involving donation scams and phishing.
Cybersecurity firm Kaspersky has ranked Bangladesh, the Philippines, and China as the top three countries with the most detected coronavirus-related malware. The firm detected 53 coronavirus-related malware in the Philippines until March of this year.
During the first week of February, Kaspersky warned the public about malicious pdf, mp4 and docx files disguised as documents relating to the then newly-discovered coronavirus.
Cybercriminals have sent emails purportedly from organizations such as the Centers for Disease Control and Prevention and the World Health Organization, with recommendations about the coronavirus. The email then directs users to a phishing page meant to steal email credentials.