BPI reminds customers how to spot scams this holiday season

Editor’s note: This press release is sponsored by the Bank of the Philippine Islands and was handled by BrandRap, the sales and marketing arm of Rappler. No member of the news and editorial team participated in the publishing of this piece.

Scam targeting bank customers continues to rise, and fraudsters are getting better at imitating official channels. Whether it’s a caller claiming to be from your bank or a text message urging you to click a link “right now,” many scams look and sound legitimate at first glance.

“These days, most scammers don’t break into accounts by force—they convince you to open the door,” said Jon Paz, data protection officer of BPI. “They use urgency, fear, or familiarity to make you act without thinking. That’s where the danger lies.”

Paz noted that banks continue to invest heavily in cybersecurity, including AI-driven fraud monitoring and multi-factor authentication. However, even the most advanced systems can be bypassed when customers are tricked into giving away secret information.

“We can build the strongest systems, but scammers take advantage of human vulnerabilities. Awareness remains to be the most important defense against scams,” he said. 

For consumers to be more aware, here are the tactics fraudsters commonly use—and how customers can stay a step ahead.

Fake bank calls that sound real

One of the most common tactics involves callers who claim to work for banks, e-wallets, or any financial service company. They would claim that there’s a suspicious transaction, or they need to “verify” your account. Their goal is to get you to reveal your OTP, password, or card details. Banks do not ask for OTPs or passwords over the phone. If you receive a call like this, or you have inquiries, BPI encourages customers to call its 24-hour Contact Center at (+632) 889-10000 or chat with BEA on the official website.

Links that lead to look-alike sites

Fraudsters send messages promising refunds, rewards, or account reactivation. The link directs you to a fake banking page designed to harvest your login details. Remember, BPI will never send clickable links via email or text, so NEVER click on any link. You will also know if it is fake by checking the URL carefully. If it’s not the bank’s official domain —bpi.com.ph—it is a scam.

Routine “verification” requests

Some scammers pose as bank staff conducting a quick system check. They may ask you to read an OTP aloud, screen-share your phone, or install an app.

Customers are advised that banks never perform account verification through unsolicited calls or chats. Clients must download apps only from Google Play Store, Apple AppStore, and other official mobile app download sites.

AI screenshots as payment confirmation

Social media marketplaces are fertile ground for scam buyers or sellers offering deals that seem urgent or unusually cheap. They may request payment upfront and even send fake payment confirmations to appear legitimate. However, once the payment is made, the goods or funds never arrive.

If you’re an online seller, scammers may use AI-generated payment confirmation screenshots. BPI is urging customers to check their accounts to verify and not just rely on a screenshot.

‘Emergency’ money requests

Scammers sometimes pretend to be a friend or relative using a new number, claiming they need money urgently. Consumers must verify through another contact or channel before sending anything.

Tech helps, but awareness is essential. In summary, BPI encourages customers to:

• Keep OTPs and passwords confidential
• Ignore links sent via text, even if they appear to be from BPI 
• Transact only through official bank platforms
• Report any suspicious activity immediately

– Rappler.com