HomeNewsBPI Warns Companies Of Phishing Schemes Directed At Employees

BPI Warns Companies Of Phishing Schemes Directed At Employees


The Bank of the Philippine Islands (BPI) warned companies and the general public against the proliferation of executive phishing attacks, or whaling, which is known to be a sophisticated social engineering scam that preys on the members of an organization.

BPI Phishing Warning Details

BPI Warns Companies Phishing Schemes (1)

Jonathan John Paz, BPI Enterprise Information Security and Data Protection Officer, said executive phishing or whaling can occur over emails and messaging applications like Viber and WhatsApp, in which unscrupulous individuals pose as a senior management figure to induce the employees to execute fraudulent transactions or lure them into divulging sensitive or confidential information.

“Cyberattacks against organizations do happen and it could cost millions in terms of data loss, financial impact, and operational disruption,” he said.

“Line managers, particularly those with access to critical data or tasked with critical transactions, face the biggest risk of whaling, that is why it’s important to conduct regular cybersecurity awareness training and attack simulations within the company,” he added.

Some Tips

Paz urged the public to be alert and exercise caution with emails and attachments to protect themselves from this type of social engineering scams. He advised to follow these tips:

  • Verify the sender. Before taking any action, make sure that the sender’s name, email address, and contact number are correct. If you don’t normally receive an email or message from the sender, ask a person in authority to verify their legitimacy.
  • Don’t engage. Don’t click on links or download attachments from suspicious senders. Don’t respond to their message either.
  • Check for viruses. Take an extra step by scanning attachments for viruses before opening them.
  • Report immediately. If you receive a message from a sender who you suspect is impersonating an executive of your company, report immediately to your company’s cybersecurity team.

More Cybersecurity Awareness

Moreover, Paz said companies must take a proactive approach in promoting cybersecurity awareness, urging them to instill among their employees the mindset that cybersecurity is a shared responsibility, regardless of their position, title, or tenure.

“We must get everyone to understand that cybersecurity is a responsibility we all share and that it takes a collective effort to fight cyberthreats. Doing so will allow us to safely navigate the digital world while ensuring the company and employees are protected,” he said.

According to a report by the Department of Information and Communications Technology, cyber incidents in the country increased by 62 percent in 2023, signaling the need for a more aggressive cybersecurity awareness initiative to protect Filipinos.




Huawei Pura 70 Review (2)

Huawei Pura 70 Pro Quick Review – Top Notch Photography Experience

The Huawei Pura 70 series is the smartphone that can definitely prove that Huawei is dead serious about photography. The newest series proved that...
Jose Felongcohttp://www.hungrygeeks.ph
Player of video games since the tender age of 3. Still wonders why his dad allowed him to play Doom during those times. Currently working for a gaming company and spends time painting Warhammer 40k minis to relax.